1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Palo Alto firewalls have some worrying serious flaws

    From TechnologyDaily@1337:1/100 to All on Fri Jan 24 15:00:06 2025
    Palo Alto firewalls have some worrying serious flaws

    Date:
    Fri, 24 Jan 2025 14:52:00 +0000

    Description:
    Security researchers claim to have found a swathe of flaws, but Palo Alto
    says they can't be abused.

    FULL STORY ======================================================================Security
    researchers from Eclypsium find several bugs in multiple Palo Alto Networks firewalls They claim the vulnerabilities are quite severe Palo Alto Networks says if the OS is up to date, and security settings nominal, there is no risk

    Security researchers have slammed Palo Alto Networks firewalls , claiming to have discovered severe vulnerabilities which undermine the entire point of
    the products.

    Cybersecurity researchers Eclypsium published a report detailing a host of security flaws impacting Palo Alto Networks firewall firmware as well as misconfigured security features.

    The company responded by saying the vulnerabilities were a stretch, that theyre close to impossible to leverage in the wild, and that theyve not seen them abused anywhere. LogoFAIL, PixieFAIL, and other woes

    "These weren't obscure, corner-case vulnerabilities," the researchers said. "Instead these were very well-known issues that we wouldn't expect to see
    even on a consumer-grade laptop. These issues could allow attackers to evade even the most basic integrity protections, such as Secure Boot, and modify device firmware if exploited."

    Eclypisum said the flaws were found in PA-3260, PA-1410, and PA-415. The
    first one reached end-of-sale in mid-2023, while the other two are still
    fully supported.

    The bugs are tracked as CVE-2020-10713, CVE-2022-24030, CVE-2021-33627, CVE-2021-42060, CVE-2021-42554, CVE-2021-43323, and CVE-2021-45970, LogoFAIL, PixieFail, CVE-2023-1017, and Intel bootguard leaked keys bypass.

    After the news broke, The Hacker News reached out to the company for comment. Palo Alto Networks responded by saying that the scenarios required for successful exploitation do not exist on up-to-date PAN-OS software under normal conditions with secured management interfaces deployed according to best practice guidelines.

    In other words, if the firewalls OS is up to date, and secured management interfaces are properly deployed, there is no risk.

    Palo Alto Networks is not aware of any malicious exploitation of these
    issues. We stand by the quality and integrity of our technology, it added.

    While the conditions required to exploit these vulnerabilities are not available to users or administrators of PAN-OS software, we are working with the third-party vendor to develop any mitigations that may be needed. We will provide further updates and guidance to impacted customers as they become available. You might also like Huge data breach exposes over 600,000 records, including background checks, vehicle, and property records Here's a list of the best antivirus tools on offer These are the best endpoint protection
    tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/palo-alto-firewalls-have-some-worrying- serious-flaws


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)