CVE-2020-2042

Summary

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPAN-OS9.1.*unaffected
Palo Alto NetworksPAN-OS9.0.*unaffected
Palo Alto NetworksPAN-OS8.1.*unaffected
Palo Alto NetworksPAN-OS10.0 < 10.0.1affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

Workarounds

This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.

ADP Enrichment

CVE Program Container

Additional References

References