CVE-2020-2040
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Palo Alto Networks | PAN-OS | 8.0.* | affected |
| Palo Alto Networks | PAN-OS | 9.0 < 9.0.9 | affected |
| Palo Alto Networks | PAN-OS | 9.1 < 9.1.3 | affected |
| Palo Alto Networks | PAN-OS | 8.1 < 8.1.15 | affected |
| Palo Alto Networks | PAN-OS | 10.0.0 < 10.0* | unaffected |
Weaknesses
- CWE-120: CWE-120 Buffer Overflow
Workarounds
Until PAN-OS software is upgraded to a fixed version, enabling signatures in content update version 8317 will block attacks against CVE-2020-2040.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.