Przemysław Kowalski

**Name of the Vulnerable Software and Affected Versions** PAN-OS versions 8.0 PAN-OS versions 7.1 earlier than 7.1.26 PAN-OS versions 8.1 earlier than 8.1.13 **Description** The issue is related to an OS Command Injection vulnerability in the PAN-OS web management interface. This vulnerability allows authenticated administrators to execute arbitrary OS commands with root privileges. The exploitation occurs by sending a malicious request to generate new certificates for use in the PAN-OS configuration. **Recommendations** For PAN-OS versions 8.0, update to a version later than 8.0 to resolve the issue. For PAN-OS versions 7.1 earlier than 7.1.26, update to version 7.1.26 or later to resolve the issue. For PAN-OS versions 8.1 earlier than 8.1.13, update to version 8.1.13 or later to resolve the issue.