Multiple vulnerabilities in Palo Alto Networks PAN-OS



Published: 2019-12-05 | Updated: 2022-06-24
Risk: Low
Patch available: YES
Number of vulnerabilities: 2
CVE-ID: CVE-2019-1559, CVE-2019-17437
CWE-ID: CWE-327, CWE-287
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Palo Alto PAN-OS (Operating systems & Components / Operating system)

Vendor: Palo Alto Networks, Inc.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Use of a broken or risky cryptographic algorithm

EUVDB-ID: #VU17860

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-1559

CWE-ID: CWE-327

Exploit availability:

Description

The vulnerability allows a remote attacker to decrypt sensitive information.

The vulnerability exists because an application behaves differently when it receives a 0-byte record with invalid padding than when it receives a record with an invalid MAC, which results in a padding oracle. A remote attacker can decrypt data.

Successful exploitation of the vulnerability requires that the application is using "non-stitched" ciphersuites and calls SSL_shutdown() twice (first, via a BAD_RECORD_MAC and again via a CLOSE_NOTIFY). 
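The following added example is a simplified model of the distinction described above; it is not code from OpenSSL, PAN-OS, or this bulletin. It works on already-decrypted MAC-then-encrypt CBC record plaintext (no encryption is performed), and every name and sample value in it is constructed for illustration.

```python
import hashlib
import hmac

MAC_LEN = 32   # HMAC-SHA256 tag length
BLOCK = 16     # CBC block size
KEY = b"constructed-demo-mac-key"  # constructed sample key

def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def build_plaintext(key, data):
    """MAC-then-encrypt layout before CBC encryption: data || MAC || padding."""
    pad_len = (BLOCK - (len(data) + MAC_LEN + 1) % BLOCK) % BLOCK
    return data + _tag(key, data) + bytes([pad_len]) * (pad_len + 1)

def _split(pt):
    """Return (data, mac, padding_ok); assumes len(pt) > MAC_LEN."""
    pad_len = pt[-1]
    padding_ok = (pad_len + 1 + MAC_LEN <= len(pt)
                  and pt[-(pad_len + 1):] == bytes([pad_len]) * (pad_len + 1))
    if not padding_ok:
        pad_len = 0  # keep going as if the padding were zero-length
    body = pt[:len(pt) - (pad_len + 1)]
    return body[:-MAC_LEN], body[-MAC_LEN:], padding_ok

def receive_leaky(key, pt):
    """Reports which check failed, so the two failures are distinguishable."""
    data, mac, padding_ok = _split(pt)
    if not padding_ok:
        return "bad_padding"
    if not hmac.compare_digest(mac, _tag(key, data)):
        return "bad_mac"
    return "ok"

def receive_uniform(key, pt):
    """Always verifies the MAC and reports one outcome for either failure."""
    data, mac, padding_ok = _split(pt)
    mac_ok = hmac.compare_digest(mac, _tag(key, data))
    return "ok" if (padding_ok and mac_ok) else "bad_record"

# Constructed samples: a valid zero-byte record, a copy with the last padding
# byte flipped, and a copy with the first MAC byte flipped.
ZERO = build_plaintext(KEY, b"")
BAD_PAD = ZERO[:-1] + bytes([ZERO[-1] ^ 1])
BAD_MAC = bytes([ZERO[0] ^ 1]) + ZERO[1:]

if __name__ == "__main__":
    for name, pt in (("valid", ZERO), ("bad padding", BAD_PAD), ("bad MAC", BAD_MAC)):
        print(f"{name:12} leaky={receive_leaky(KEY, pt):12} uniform={receive_uniform(KEY, pt)}")
```

The model covers only the reported outcome; a real record layer must also keep processing time and connection behaviour the same for both failure cases.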


Mitigation

Update to versions 7.1.25, 8.0.20, 8.1.8, or 9.0.2.

Vulnerable software versions

Palo Alto PAN-OS: 7.1.0 - 9.0.4

Fixed software versions

External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/202



2) Improper Authentication

EUVDB-ID: #VU23404

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-17437

CWE-ID: CWE-287

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error in the authentication process. A local non-privileged user can gain elevated privileges on the device.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Palo Alto PAN-OS: 7.1.0 - 9.0.4

Fixed software versions

External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/201

