PT-2020-3031 · Palo Alto Networks · PAN-OS

Nicholas Newsom · Published 2020-03-11 · Updated 2020-05-13 · CVE-2020-1979

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

PAN-OS versions prior to 8.1.13

Description

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network-based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges.

Recommendations

For PAN-OS versions prior to 8.1.13, update to PAN-OS 8.1.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the Panorama management interfaces to minimize the risk of exploitation.

Fix

Use of Externally-Controlled Format String

Weakness Enumeration

Related Identifiers

BDU:2020-03286
CVE-2020-1979

Affected Products

PAN-OS