PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability

CVE-2021-3054
7.2HIGH

Key Information

Vendor
Palo Alto Networks
Status
Pan-os
Vendor
CVE Published:
8 September 2021

Badges

👾 Exploit Exists

Summary

A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7; PAN-OS 10.1 versions earlier than PAN-OS 10.1.2. This issue does not affect Prisma Access.

Affected Version(s)

PAN-OS < 8.1.20

PAN-OS < 9.0.14

PAN-OS < 10.0.7

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit exists.

  • Risk change from: 6.6 to: 7.2 - (HIGH)

  • Initial publication

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database

Credit

Palo Alto Networks thanks Praetorian for discovering and reporting this issue.
.