by Artie Kaye
A flaw that allows unauthorized users to execute commands at root level has been patched. PAN-OS firewall versions 10.2, 11.0, and 11.1 are affected and should be updated as soon as possible. There is evidence that malicious actors exploited the flaw in March, before it was discovered and reported to the company. Since the initial announcement, which included mitigation instructions before the official patch was available, active attacks through this vector have been observed. It is strongly advised to update any Palo Alto devices running this software. The CVE is rated 10 on a scale of 10.