Researchers have developed a collaborative effort to find the use of remote control (RCE) code at high risk on a security device from Palo Alto Networks (PAN), which could leave 10,000 fire-hazardous fire walls exposed on the Internet.
The most important day of all, followed as CVE 2021-3064 with a CVSS rating of 9.8 out of 10 at risk, is on PAN’s GlobalProtect firewall. Allows unauthorized RCE in most versions of PAN-OS 8.1 prior to 8.1.17, on both virtual and virtual fire walls.
PAN updates include versions 9.0 and 9.1, but based on Randori research, those versions are not compromised in this particular CVE. A spokesman told reporters that any updates to non-8.1 versions may not be related to CVE 2021-3064.
Read More: threatpost
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.