Palo Alto Networks Security Advisories / PAN-SA-2023-0003

PAN-SA-2023-0003 Informational Bulletin: Impact of MOVEit Vulnerabilities (CVE-2023-34362, CVE-2023-35036, CVE-2023-35708)


Informational

Description

The Palo Alto Networks Product Security Assurance team has evaluated the recently disclosed critical Structured Query Language injection (SQLi) vulnerabilities (CVE-2023-34362, CVE-2023-35036, CVE-2023-35708) in the MOVEit Transfer product. Palo Alto Networks does not use MOVEit Transfer and is not impacted by these vulnerabilities.

Protecting our customers is our highest priority. Palo Alto Networks and its Unit 42 threat research team are continuing to closely monitor all developments. You can find regular updates, as well as Palo Alto Networks product protections and interim guidance here: https://unit42.paloaltonetworks.com/threat-brief-moveit-cve-2023-34362/

Product Status

VersionsAffectedUnaffected
AutoFocus NoneAll
Bridgecrew NoneAll
Cloud NGFW NoneAll
Cortex Data Lake NoneAll
Cortex XDR NoneAll
Cortex XDR Agent NoneAll
Cortex Xpanse NoneAll
Cortex XSOAR NoneAll
Enterprise Data Loss Prevention NoneAll
Exact Data Matching CLI NoneAll
Expanse NoneAll
Expedition Migration Tool NoneAll
GlobalProtect App NoneAll
IoT Security NoneAll
Okyo Garde NoneAll
Palo Alto Networks App for Splunk NoneAll
PAN-OS NoneAll
Prisma Access NoneAll
Prisma Cloud NoneAll
Prisma Cloud Compute NoneAll
Prisma SD-WAN (CloudGenix) NoneAll
Prisma SD-WAN ION NoneAll
SaaS Security NoneAll
User-ID Agent NoneAll
WildFire Appliance (WF-500) NoneAll
WildFire Cloud NoneAll

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products.

Solution

No software updates are required at this time.

Workarounds and Mitigations

Palo Alto Networks product protections for MOVEit Transfer vulnerabilities are captured in Unit 42's Threat Brief: https://unit42.paloaltonetworks.com/threat-brief-moveit-cve-2023-34362/. These mitigations reduce the risk of exploitation from known exploits.

Timeline

Added Unit 42's threat brief in Workarounds and Mitigations
Initial Publication
© 2024 Palo Alto Networks, Inc. All rights reserved.