Published Apr 12, 2024
·
Last updated 5 months ago
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
The serious vulnerability affects a number of Palo Alto GlobalProtect devices which utilize device analytics. Active exploitation of this vulnerability has been witnessed by a number of organizations.
More information is available in our blog post here.
Data from CISA
Palo Alto Networks PAN-OS Command Injection Vulnerability
Apr 12, 2024
Apr 19, 2024
Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.
psirt@paloaltonetworks.com
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F54B40AC-A555-4447-B147-576D17CAB12A"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEC5E9D4-1B58-4C89-8B68-47F996C04234"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDDEB31F-EFDD-4A66-9687-7FFCF8EFDAAF"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C664207-FA80-467E-853B-CBF61F01115F"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F30A71D-281E-4BF8-803F-05B517399C6A"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CB7F608-4F03-46EF-A27E-4C8F5363FF5E"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2269819F-11BD-482C-B8D2-96A9C7AD54D4"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33340036-0E81-41CD-AFC4-480F509F8DD2"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D7986DC-187D-4798-8B4A-7D23DF0EE0C8"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D1FAC78-7714-48EC-9FDB-1A565814B958"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B86668F-7BC5-4F50-AE80-E99F6DE370D7"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E4172BC-EA53-4E01-B14D-BA897EBA2EAE"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98F219AD-A22F-47AC-88FE-B3F75AE059AC"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A79C13FD-C909-4FEE-AE24-A085E953D887"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7FCFB45-1150-4F9C-8E4B-3DB2ADE89454"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D4B4DCE-1593-4F8A-A461-A41290FE0041"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50F0801B-FC9F-4018-A837-CAB8CB9C9CD4"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8C4AC1F-4FF0-4500-AFBB-F29613358156"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FE16CA7-422A-4A53-8DDC-CB3A982C154F"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "135588B5-6771-46A3-98B0-39B4873FD6FD"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6ADF2A5B-DC55-44B1-A033-4A29C32AB5B1"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A17FE6D6-E0C3-4E82-A721-75C4E8001984"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20673F1E-733D-41C4-A644-C482431C26EC"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "156DA55E-4152-47BF-A067-136EEC9ADE22"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2D2F5C4-7ACC-4514-ADBD-3948158B93CC"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEE36B5C-262E-42B0-B3C1-5EAA003E84B7"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "619AD3DA-9384-4CC5-9F3D-66DB5A055BCB"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1360C403-BCD8-420E-B907-4127E12B3A3A"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22206C8D-A8E8-4947-A277-F3256FD5D8ED"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3AF86BD-C317-45C7-96B6-34BD82579FDB"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09F61A78-1B7C-41F1-A0D8-0AB1E7ADF68C"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B7C37B3-EDA9-45D9-94A2-E7B24BA6C887"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D64390F-F870-4DBF-B0FE-BCDFE58C8685"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBA2B4FA-16C2-41B9-856D-EDC0CAF7A164"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D814F3A3-5E9D-426D-A654-1346D9ECE9B3"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C7E9211-7041-4720-B4B9-3EA95D425263"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BB72E15-486F-491F-A08D-E1AC2C8AB121"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5E7EFD5-2179-45BF-BF5B-197B66903D9C"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3EF4AE4F-36F3-4923-AE1E-DE9E036D4E2F"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10587864-8777-40F9-B162-BFBFAB8F5E06"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10A69DAE-5AD5-4E1C-9DF0-C7B7BB023B66"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFAA23E0-232D-42AA-A5A9-87063348D0DF"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50EA3EAC-91BD-4B30-A885-BED95B48CC3F"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD0CC02E-6079-4094-A355-E3300D7D4DD1"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C25AD9EA-7DDC-4704-9D7C-A1D6C1F5F696"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2416C2EF-1085-493D-84D7-18F7577D4A01"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E1D99D8-300C-4985-835C-3EBA2BFC098B"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B689FAD-0469-4222-A7EF-3268CCDA43A7"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB3F7D3E-1479-435B-9249-F8F963440D0A"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D27A5944-FCD8-44AB-9986-0FCA24E81F5B"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4425F47-446D-49C1-AAC9-5F5B7E5422A6"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC74ECE3-4F2C-450C-A781-16B1E53AF960"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0ED8E63-B8F0-482A-A8A9-13C21D60EEB9"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9110DBFB-07D6-4D64-A8AA-C0E7A7037A87"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "723956E9-11FD-42A0-8A35-C1FDE9E1877C"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5601B7E0-68C9-4226-AA3D-D20012F6394B"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82FBA0C5-1385-42DD-A85D-DA1D818D0EF3"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FAC22EB-FB4C-4E9D-99A1-D4902262ED06"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3D65F1C-B055-408E-B7F2-512F13BEDCA6"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1B284FD-575E-46EA-95D8-D9E5FBBA8229"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DC41D6E-8632-44BB-BC05-7C22A02306A2"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF099226-A77E-4FDC-A044-8CA46D015C2C"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F7627B3-A463-4570-BA23-663FEB7B4A8B"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "275872C1-1EBB-4447-8C9F-347F757BFF42"
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F36A8CA-4B15-4A88-BA51-2346506DE6E5"
}
],
"operator": "OR"
}
]
}
]