PT-2020-3410 · Palo Alto Networks · Pan-Os

Nicholas Newsom

Published

2020-04-08

Updated

2020-04-09

CVE-2020-1990

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions 8.1.0 through 8.1.12 Palo Alto Networks PAN-OS versions 9.0.0 through 9.0.6

Description A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges.

Recommendations For versions 8.1.0 through 8.1.12, update to version 8.1.13 or later. For versions 9.0.0 through 9.0.6, update to version 9.0.7 or later.

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

BDU:2020-03733

CVE-2020-1990

Affected Products

Pan-Os

PT-2020-3410 · Palo Alto Networks · Pan-Os

CVE-2020-1990

Weakness Enumeration

Related Identifiers

Affected Products

References · 4