Privilege escalation in Palo Alto PAN-OS

Published: 2022-05-11

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2022-0024
CWE-ID	CWE-20
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	Palo Alto PAN-OS Operating systems & Components / Operating system
Vendor	Palo Alto Networks, Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Input validation error

EUVDB-ID: #VU63073

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-0024

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input. A authenticated network-based PAN-OS administrator can upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Palo Alto PAN-OS: 8.1 - 10.1.4

CPE2.3

cpe:2.3:o:palo_alto_networks:pan-os:10.1.4:*:*:*:*:*:*:*

External links

http://security.paloaltonetworks.com/CVE-2022-0024

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?