What is the issue?
A critical remote code execution vulnerability has been detected in the Palo Alto GlobalProtect portal and GlobalProtect Gateway products.
What is the vulnerability?
The critical vulnerability was discovered by security researchers Orange Tsai and Meh Chang during Red Team assessment services.
“The researchers sought to identify whether any large organizations might be running a vulnerable version of GlobalProtect. They found that popular ride-hailing service, Uber, was running an unpatched version. They confirmed their exploit worked against Uber and reported their findings,” Tenable said in a blog.
Palo Alto Networks has patched the vulnerability in its latest versions PAN-OS 7.1.19, PAN-OS 8.0.12, PAN-OS 8.1.3.
“If you have not already upgraded to the available updates listed above and cannot do so now, we recommend that you update to content release 8173, or a later version, and confirm threat prevention is enabled and enforced on traffic that passes through the GlobalProtect portal and GlobalProtect Gateway interface,” the security advisory read.