Lucene search
K

9 matches found

GithubExploit
GithubExploit
added 2022/04/26 8:41 a.m.75 views

Exploit for Stack-based Buffer Overflow in Paloaltonetworks Pan-Os

CVE-2021-3064: Pan-OS Remote Buffer Overflow + HTTP Smuggling...

10CVSS7.7AI score0.19087EPSS
Exploits1
Trellix
Trellix
added 2021/11/30 12:0 a.m.45 views

The Bug Report November 2021 Edition

The Bug Report — November 2021 Edition By Mark Bereza · November 30, 2021 Your Cybersecurity Comic Relief CVE-2021-20322: Of all the words of mice and men, the saddest are, “it was DNS again.” Why am I here? For all our newcomers, welcome to the Advanced Threat Research team’s monthly bug report ...

10CVSS8.2AI score0.19087EPSS
Exploits2
hivepro
hivepro
added 2021/11/15 12:18 p.m.78 views

Randori discovered Zero-day in Palo Alto’s GlobalProtect Firewall, affecting ~10,000 assets.

Outline Palo Alto Networks PAN released an update on November 10, 2021, that patched CVE-2021-3064, which was discovered and disclosed by Randori. This vulnerability affects PAN firewalls that use the GlobalProtect Portal VPN, and it allows for unauthenticated remote code execution on susceptible...

10CVSS10.1AI score0.19087EPSS
Exploits1
hivepro
hivepro
added 2021/11/14 10:42 a.m.60 views

A zero-day vulnerability has been discovered in PAN’s GlobalProtect firewall

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Palo Alto Networks PAN released an update on November 10, 2021, that patched CVE-2021-3064, which was discovered and disclosed by Randori. This vulnerability affects PAN firewalls that use the GlobalProtect Portal VPN, and ...

10CVSS10AI score0.19087EPSS
Exploits1
CISA
CISA
added 2021/11/12 12:0 a.m.43 views

Palo Alto Networks Release Security Updates for PAN-OS

Palo Alto Networks has released security updates to address a vulnerability affecting PAN-OS firewall configurations with GlobalProtect portal and gateway interfaces. These updates address a vulnerability that only affects old versions of PAN-OS 8.1.16 and earlier. An unauthenticated attacker wit...

10CVSS9AI score0.19087EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2021/11/11 6:35 a.m.76 views

Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN

A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges. Tracked as CVE-2021-3064 CVSS score: 9.8, the security weakness impact...

10CVSS10AI score0.19087EPSS
Exploits1
Cvelist
Cvelist
added 2021/11/10 5:10 p.m.42 views

CVE-2021-3064 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the...

9.8CVSS10AI score0.19087EPSS
Exploits1References1
CVE
CVE
added 2021/11/10 5:10 p.m.200 views

CVE-2021-3064

CVE-2021-3064 affects PAN-OS GlobalProtect portal and gateway interfaces on PAN-OS 8.1.x before 8.1.17, causing memory corruption that can lead to unauthenticated remote code execution with root privileges when an attacker can reach the GlobalProtect service port (default 443) over the network. T...

10CVSS9.7AI score0.19087EPSS
Exploits1References1Affected Software1
ThreatPost
ThreatPost
added 2021/11/10 5:0 p.m.65 views

Massive Zero-Day Hole Found in Palo Alto Security Appliances

Researchers have developed a working exploit to gain remote code execution RCE via a massive vulnerability in a security appliance from Palo Alto Networks PAN, potentially leaving 10,000 vulnerable firewalls with their goods exposed to the internet. The critical zero day, tracked as CVE 2021-3064...

10CVSS9.7AI score0.19087EPSS
Exploits1References18
Rows per page
Query Builder