PAN-SA-2023-0003 Informational Bulletin: Impact of MOVEit Vulnerabilities (CVE-2023-34362, CVE-2023-35036, CVE-2023-35708)
The Palo Alto Networks Product Security Assurance team has evaluated the recently disclosed critical Structured Query Language injection (SQLi) vulnerabilities (CVE-2023-34362, CVE-2023-35036, CVE-2023-35708) in the MOVEit Transfer product. Palo Alto Networks does not use MOVEit Transfer and is not impacted by these vulnerabilities.
Protecting our customers is our highest priority. Palo Alto Networks and its Unit 42 threat research team are continuing to closely monitor all developments. You can find regular updates, as well as Palo Alto Networks product protections and interim guidance here: https://unit42.paloaltonetworks.com/threat-brief-moveit-cve-2023-34362/
|Cortex Data Lake||None||all|
|Cortex XDR Agent||None||all|
|Enterprise Data Loss Prevention||None||all|
|Exact Data Matching CLI||None||all|
|Expedition Migration Tool||None||all|
|Palo Alto Networks App for Splunk||None||all|
|Prisma Cloud Compute||None||all|
|Prisma SD-WAN (CloudGenix)||None||all|
|Prisma SD-WAN ION||None||all|
|WildFire Appliance (WF-500)||None||all|
Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products.
No software updates are required at this time.
Workarounds and Mitigations
Palo Alto Networks product protections for MOVEit Transfer vulnerabilities are captured in Unit 42's Threat Brief: https://unit42.paloaltonetworks.com/threat-brief-moveit-cve-2023-34362/. These mitigations reduce the risk of exploitation from known exploits.