On Monday, CISA added the Palo Alto Networks bug to its list of Known Exploited Vulnerabilities Catalog. The configuration is likely unintended by the network administrator, the advisory said. The advisory describes the non-standard configuration at risk as the “firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing network interface.” The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target.” PAN-OS versions vulnerable to attack, with patches available, include PAN-OS prior to 10.2.2-h2, PAN-OS prior to 10.1.6-h6, PAN-OS prior to 10.0.11-h1, PAN-OS prior to 9.1.14-h4, PAN-OS prior to 9.0.16-h3 and PAN-OS prior to 8.1.23-h1.Īccording to Palo Alto Networks advisory “A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. Affected Products and OS VersionsĪffected products include those running the PAN-OS firewall software include PA-Series, VM-Series and CN-Series devices. Any additional attacks exploiting the bug have either not occurred or been publicly reported. Palo Alto Networks maintains the flaw can only be exploited on a limited number of systems, under certain conditions and that the vulnerable systems are not part of a common firewall configuration. ![]() The flaw could be used by remote hackers to carry out reflected and amplified denial-of-service (DoS) attacks without having to authenticate targeted systems. Federal agencies urged to patch the bug by September 9.Įarlier this month, Palo Alto Networks issued a fix for the high-severity bug (CVE-2022-0028) that it says adversaries attempted to exploit. ![]() ![]() Cybersecurity and Infrastructure Security Agency (CISA) to issue a warning to public and federal IT security teams to apply available fixes. Software running Palo Alto Networks’ firewalls is under attack, prompting U.S.
0 Comments
Leave a Reply. |