Palo Alto firewalls have some worrying serious flaws

News
By
published

The company doesn't agree, though

Best free Linux firewalls
Image credit: Pixabay (Image credit: Pixabay)
  • Security researchers from Eclypsium find several bugs in multiple Palo Alto Networks firewalls
  • They claim the vulnerabilities are quite severe
  • Palo Alto Networks says if the OS is up to date, and security settings nominal, there is no risk

Security researchers have slammed Palo Alto Networks firewalls, claiming to have discovered severe vulnerabilities which undermine the entire point of the products.

Cybersecurity researchers Eclypsium published a report detailing a host of security flaws impacting Palo Alto Networks’ firewall firmware as well as misconfigured security features.

The company responded by saying the vulnerabilities were a stretch, that they’re close to impossible to leverage in the wild, and that they’ve not seen them abused anywhere.

LogoFAIL, PixieFAIL, and other woes

"These weren't obscure, corner-case vulnerabilities," the researchers said. "Instead these were very well-known issues that we wouldn't expect to see even on a consumer-grade laptop. These issues could allow attackers to evade even the most basic integrity protections, such as Secure Boot, and modify device firmware if exploited."

Eclypisum said the flaws were found in PA-3260, PA-1410, and PA-415. The first one reached end-of-sale in mid-2023, while the other two are still fully supported.

The bugs are tracked as CVE-2020-10713, CVE-2022-24030, CVE-2021-33627, CVE-2021-42060, CVE-2021-42554, CVE-2021-43323, and CVE-2021-45970, LogoFAIL, PixieFail, CVE-2023-1017, and Intel bootguard leaked keys bypass.

After the news broke, The Hacker News reached out to the company for comment. Palo Alto Networks responded by saying that “the scenarios required for successful exploitation do not exist on up-to-date PAN-OS software under normal conditions with secured management interfaces deployed according to best practice guidelines.”

In other words, if the firewalls’ OS is up to date, and secured management interfaces are properly deployed, there is no risk.

“Palo Alto Networks is not aware of any malicious exploitation of these issues. We stand by the quality and integrity of our technology,” it added.

“While the conditions required to exploit these vulnerabilities are not available to users or administrators of PAN-OS software, we are working with the third-party vendor to develop any mitigations that may be needed. We will provide further updates and guidance to impacted customers as they become available.”

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.