Local privilege escalation

ID PAN-SA-2016-0012
Type paloalto
Reporter Palo Alto Networks Product Security Incident Response Team
Modified 2016-07-13T18:30:00


Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712). Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability. This issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.7 and earlier

Work around: N/A