CVE-2020-2034

Published: 08/07/2020 Updated: 14/07/2020
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

An OS command injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated, network-based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue cannot be exploited if the GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; and all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability.

Vulnerable Product

paloaltonetworks pan-os

Github Repositories

Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.

PAN-OS GlobalProtect Portal Scanner. Developed with ❤️ by the Bishop Fox Cosmos (formerly CAST) team. Palo Alto's GlobalProtect portal, a feature of PAN-OS, has been the subject of several critical-severity vulne

Determine the Version Running on the Palo Alto Network Firewall for the Global Protect Portal

CVE-2020-2034-POC. Recently a lot of critical vulnerabilities were announced by Palo Alto Networks here: security.paloaltonetworks.com/?severity=CRITICAL&product=PAN-OS&sort=-date. This is a PoC to determine the version used by the firewall, by examining the etag

Recent Articles

If you haven't potentially exposed 1000s of customers once again with networking vulns, step forward... Not so fast, Palo Alto Networks
The Register • Shaun Nichols in San Francisco • 09 Jul 2020

Getting to be a real PAN in the OS

US govt warns foreign hackers 'will likely try to exploit' critical firewall bypass bug in Palo Alto gear – patch now

Palo Alto Networks has emitted its second software update in as many weeks to address a potentially serious security vulnerability in its products. The vendor on Wednesday issued an advisory for CVE-2020-2034, a remote code execution flaw in its PAN-OS GlobalProtect portal, which can be exploited by a remote unauthenticated miscreant to execute arbitrary commands on the gateway as a superuser. No in-the-wild attacks have been reported... yet. Palo Alto confirmed to The Register that GlobalProtec...