CVE-2020-2009

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS Panorama versions 7.1 Palo Alto Networks PAN-OS Panorama versions 8.1 through 8.1.13 Palo Alto Networks PAN-OS Panorama versions 9.0 through 9.0.6

Description An external control of filename vulnerability in the SD WAN component allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases, this results in arbitrary code execution with root permissions.

Recommendations For versions 7.1, update to a version later than 7.1 to resolve the issue. For versions 8.1 through 8.1.13, update to version 8.1.14 or later to resolve the issue. For versions 9.0 through 9.0.6, update to version 9.0.7 or later to resolve the issue.