Information Disclosure in WildFire Appliance (WF-500)



Published: 2019-07-09
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-3665
CWE-ID CWE-200
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
WildFire Appliance (WF-500)
Hardware solutions / Security hardware applicances

Palo Alto PAN-OS
Operating systems & Components / Operating system

Vendor Palo Alto Networks, Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Side-channel attack

EUVDB-ID: #VU13337

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-3665

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists due to utilizing the Lazy FP state restore technique for floating point state when context switching between application processes. A local attacker can conduct cache side-channel attacks and determine register values of other processes.

Note: This vulnerability is known as LazyFP.

Mitigation

Update your WildFire Appliance (WF-500) to PAN-OS version 8.1.9, 8.0.18 or 9.0.0.

Users running PAN-OS version 7.1.x are advised to contact support.

Vulnerable software versions

WildFire Appliance (WF-500): All versions

Palo Alto PAN-OS: 8.1.0 - 8.1.8-h5, 8.0.0 - 8.0.17, 7.1.0 - 7.1.24


CPE2.3 External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/154

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###