An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker would require some level of specific information about the configuration of an impacted firewall or perform brute-force attacks to exploit this issue. This issue cannot be exploited if the GlobalProtect portal feature is not enabled.
This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1.
Prisma Access services are not impacted by this vulnerability. Firewalls that were upgraded to the latest versions of PAN-OS to resolve CVE-2020-2021 are not vulnerable to this issue.
Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.
|9.1||< 9.1.3||>= 9.1.3|
|9.0||< 9.0.9||>= 9.0.9|
|8.1||< 8.1.15||>= 8.1.15|
This issue is applicable only where GlobalProtect portal is enabled.
CVSSv3.1 Base Score: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.
PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies.
Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 58658 on traffic destined for the GlobalProtect portal will block attacks against CVE-2020-2034.