- Security researchers from Eclypsium find more bugs in more Palo Alto Networks firewalls
- They claim that the vulnerabilities are quite serious
- Palo Alto Networks says that if the OS is up to date and security settings are nominal, there is no risk
Security researchers have slammed Palo Alto Networks firewalls, claiming to have discovered serious vulnerabilities that undermine the products.
Cybersecurity researchers at Eclypsium published a report detailing a number of security flaws affecting Palo Alto Networks’ firewall firmware, as well as misconfigured security features.
The company responded by saying that the vulnerabilities were a stretch, that they are close to impossible to exploit in the wild, and that they have not seen them exploited anywhere.
LogoFAIL, PixieFail and other evils
“These were not obscure, corner-case vulnerabilities,” the researchers said. “Instead, these were very well-known issues that we wouldn’t expect to see even on a consumer-grade laptop. These issues, if exploited, could allow attackers to bypass even the most basic integrity protections, such as Secure Boot, and change device firmware.”
Eclypsium said the deficiencies were found in the PA-3260, PA-1410 and PA-415. The first reached end-of-sale in mid-2023, while the other two are still fully supported.
The bugs are tracked as CVE-2020-10713, CVE-2022-24030, CVE-2021-33627, CVE-2021-42060, CVE-2021-42554, CVE-2021-43323, CVE-2021-45970, LogoFAIL, PixieFail, CVE-2023-1017 and an Intel Boot Guard leaked keys bypass.
After the news broke, The Hacker News reached out to the company for comment. Palo Alto Networks responded by saying that “the scenarios required for successful exploitation do not exist on updated PAN-OS software under normal conditions with secured management interfaces implemented according to best practice guidelines.”
In other words, if the firewalls’ OS is up to date and secure management interfaces are properly implemented, there is no risk.
“Palo Alto Networks is not aware of any malicious exploitation of these issues. We stand by the quality and integrity of our technology,” it added.
“While the conditions required to exploit these vulnerabilities are not available to users or administrators of PAN-OS software, we are working with the third-party vendor to develop any mitigations that may be necessary. We will provide additional updates and guidance to affected customers as they become available.”