News for August 24, 2022


Palo Alto Networks Firewall DoS Bug Exploited
by Artie Kaye

A flaw triggered by a URL filtering policy misconfiguration allows PAN-OS firewalls to be used as a vector for reflected denial-of-service (RDoS) attacks. A reflected denial-of-service attack stages the traffic through a third party, bouncing it off a service, or in this case a firewall, so that the victim sees the traffic coming from the reflector rather than the attacker. Palo Alto Networks has released patches for all affected versions and recommends updating as soon as possible. This flaw has been actively exploited on unpatched devices since its discovery.

This flaw is tracked as CVE-2022-0028.

https://security.paloaltonetworks.com/CVE-2022-0028

https://www.darkreading.com/vulnerabilities-threats/cisa-palo-alto-firewall-bug-active-exploit

https://threatpost.com/firewall-bug-under-active-attack-cisa-warning/180467/

https://www.bleepingcomputer.com/news/security/palo-alto-networks-new-pan-os-ddos-flaw-exploited-in-attacks/

Hikvision Camera Vulnerability
by Artie Kaye

A vulnerability in many Hikvision cameras is still seeing heavy exploitation in the wild. The flaw was reported in 2021, and in January 2022 CISA added it to its list of vulnerabilities that must be patched. The flaw could allow an attacker to take full control of the device, gaining access to its video, its files, or the network it is connected to; compromised cameras can also be enrolled in a botnet. These devices are being actively targeted because they are so easy to reach. Approximately 10,000 of these cameras in use in the US are vulnerable. Update the devices as soon as you can. The link to the company's advisory and update site is below.

This flaw is tracked as CVE-2021-36260.

https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification-command-injection-vulnerability-in-some-hikvision-products/security-notification-command-injection-vulnerability-in-some-hikvision-products/

https://www.securityweek.com/over-80000-unpatched-hikvision-cameras-exposed-takeover

https://www.bleepingcomputer.com/news/security/over-80-000-exploitable-hikvision-cameras-exposed-online/

https://www.msn.com/en-us/news/technology/80000-internet-connected-cameras-remain-crackable-despite-critical-patch/ar-AA113Sft