CISA Warns Against Active Exploitation of Palo Alto Networks PAN-OS Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw affecting Palo Alto Networks PAN-OS at its Catalog of known exploited vulnerabilitiesbased on evidence of active exploitation.
The high-severity vulnerability, tracked as CVE-2022-0028 (CVSS score: 8.6), is a URL filtering policy misconfiguration that could allow a remote, unauthenticated attacker to conduct reflected and amplified TCP denial of service (DoS) attacks.
“If exploited, this issue would not impact the confidentiality, integrity, or availability of our products,” Palo Alto Networks said in an alert. “However, the resulting denial of service (DoS) attack can help mask the identity of the attacker and implicate the firewall as the source of the attack.
The weakness affects the following product releases and has been addressed as part of updates released this month –
- Pan OS 10.2 (version
- PAN OS 10.1 (version
- PAN OS 10.0 (version
- PAN OS 9.1 (version
- PAN-OS 9.0 (version
- PAN OS 8.1 (version
The network equipment maker said it discovered the vulnerability after being informed that sensitive firewalls from various vendors, including Palo Alto Networks, were being used in an attempted denial of service attack ( RDoS).
In light of active exploitation, customers of affected products are advised to apply appropriate patches to mitigate potential threats. Federal Civilian Executive Branch (FCEB) agencies are mandated to update to the latest version by September 12, 2022.