{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Information Disclosure  in WildFire Appliance (WF-500)"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2018-3665","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-08T08:02:07.679Z","generator":{"date":"2026-04-08T08:02:07.679Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2018-3665","initial_release_date":"2019-07-08T22:15:00.000Z","revision_history":[{"number":"1","date":"2026-04-08T01:02:07.000Z","summary":"Initial release"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"WildFire Appliance (WF-500)","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)<All","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-2"}},{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)<8.1.9","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-3"}},{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)>=8.1.9","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-3"}},{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)<8.0.18","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-4"}},{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)>=8.0.18","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-4"}},{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)<All","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-5"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2018-3665","product_status":{"fixed":["PANW-WildFire-Appliance-(WF-500)-3","PANW-WildFire-Appliance-(WF-500)-4"],"known_affected":["PANW-WildFire-Appliance-(WF-500)-2","PANW-WildFire-Appliance-(WF-500)-3","PANW-WildFire-Appliance-(WF-500)-4"],"known_not_affected":["PANW-WildFire-Appliance-(WF-500)-5"]},"notes":[{"category":"description","text":"Palo Alto Networks has determined that the WildFire Appliance (WF-500) is affected by the vulnerability disclosure known as LazyFP and has completed an update to address these issues. The WildFire Appliance (WF-500) software update is now available to customers that use the WildFire Appliance (WF-500) for on-premise sandboxing. Please note that customers using the WildFire cloud service are NOT impacted by this advisory. (PAN-99016/CVE-2018-3665)\n\nSuccessful exploitation of this issue may allow reads from a compromised sandbox VM (guest OS) to retrieve data from other VMs (another guest OS) or the PAN-OS operating system (host OS) as a result of breaching the separation between kernel and user address space. The analysis method utilized by the WildFire Appliance (WF-500) and WildFire Cloud helps to mitigate the impact of this issue. Each virtualized file analysis session is unique and each session is terminated and destroyed after analysis is complete. The uniqueness of each file analysis session coupled with the limited amount of time allowed to execute an attack within the environment limits the scope of impact that the attacker can have on the sandbox VM (guest OS) and the PAN-OS operating system (host OS). \nThis issue affects WildFire Appliance (WF-500) running appliance software all versions of 7.1, versions 8.0.17 and earlier, and versions of 8.1.8 and earlier. "}],"references":[{"category":"external","summary":"NVD - CVE-2018-3665","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-3665"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2018-3665","url":"https://security.paloaltonetworks.com/CVE-2018-3665"}],"threats":[{"category":"impact","description":"Palo Alto Networks has determined that the WildFire Appliance (WF-500) is affected by the vulnerability disclosure known as LazyFP and has completed an update to address these issues. The WildFire Appliance (WF-500) software update is now available to customers that use the WildFire Appliance (WF-500) for on-premise sandboxing. Please note that customers using the WildFire cloud service are NOT impacted by this advisory. (PAN-99016/CVE-2018-3665)\n\nSuccessful exploitation of this issue may allow reads from a compromised sandbox VM (guest OS) to retrieve data from other VMs (another guest OS) or the PAN-OS operating system (host OS) as a result of breaching the separation between kernel and user address space. The analysis method utilized by the WildFire Appliance (WF-500) and WildFire Cloud helps to mitigate the impact of this issue. Each virtualized file analysis session is unique and each session is terminated and destroyed after analysis is complete. The uniqueness of each file analysis session coupled with the limited amount of time allowed to execute an attack within the environment limits the scope of impact that the attacker can have on the sandbox VM (guest OS) and the PAN-OS operating system (host OS). \nThis issue affects WildFire Appliance (WF-500) running appliance software all versions of 7.1, versions 8.0.17 and earlier, and versions of 8.1.8 and earlier. "}],"scores":[{"cvss_v3":{"version":"3.1","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseSeverity":"MEDIUM","baseScore":5.6,"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},"products":["PANW-WildFire-Appliance-(WF-500)-2","PANW-WildFire-Appliance-(WF-500)-3","PANW-WildFire-Appliance-(WF-500)-4"]}]}]}