Attackers can elevate privileges by tampering with physical file system
CVE-2024-5913
6.1MEDIUM
Key Information
- Vendor
- Palo Alto Networks
- Status
- Pan-os
- Cloud Ngfw
- Prisma Access
- Vendor
- CVE Published:
- 10 July 2024
Badges
đź‘ľ Exploit Exists
Summary
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.
Affected Version(s)
PAN-OS < 10.1.14-h2
PAN-OS < 10.2.10
PAN-OS < 11.0.5
Refferences
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database
Credit
Independent Security Researcher Pear1y
Joel Land of CISA Vulnerability Response and Coordination
rqu
Enrique Castillo of Palo Alto Networks