The vulnerability, classified under CWE-754 (Improper Check for Unusual or Exceptional Conditions), affects PA-Series and VM-Series firewalls, as well as Prisma Access deployments running specific versions of PAN-OS. Unauthenticated attackers can exploit the flaw, causing unexpected reboots of the firewall. This could interrupt critical network infrastructure and leave organizations vulnerable to other security threats during the downtime.
Palo Alto Networks assigned this vulnerability a CVSS score of 6.6, indicating medium severity and moderate urgency. However, the potential business impact is much higher, as reflected by a CVSS-B score of 8.7. Organizations using PAN-OS versions 10.2 (up to 10.2.13), 11.1 (up to 11.1.6), and 11.2 (up to 11.2.4) are urged to upgrade to patched versions to mitigate the risk. Palo Alto Networks has not observed any active exploitation of this vulnerability so far, but given the potential operational impact, patching should be a priority.
👉 Read the original: Cyber Security News