PT-2021-18775 · Palo Alto Networks · Pan-Os

Published: 2021-11-10 · Updated: 2021-11-15 · CVE-2021-3059

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

PAN-OS versions earlier than 8.1.20-h1
PAN-OS versions earlier than 9.0.14-h3
PAN-OS versions earlier than 9.1.11-h2
PAN-OS versions earlier than 10.0.8
PAN-OS versions earlier than 10.1.3

Description

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This issue enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. The issue impacts Prisma Access customers with Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls.

Recommendations

For PAN-OS 8.1, update to version 8.1.20-h1 or later.
For PAN-OS 9.0, update to version 9.0.14-h3 or later.
For PAN-OS 9.1, update to version 9.1.11-h2 or later.
For PAN-OS 10.0, update to version 10.0.8 or later.
For PAN-OS 10.1, update to version 10.1.3 or later.

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2021-3059

Affected Products

Pan-Os