PAN-OS Remote Code Execution Vulnerability (CVE-2020-2040) Threat Alert

October 3, 2020
Vulnerability Description
Recently, NSFOCUS detected that Palo Alto Networks (PAN) had released a security advisory announcing a critical vulnerability (CVE-2020-2040) with a CVSS base score of 9.8. The flaw is a buffer overflow in PAN-OS. When Captive Portal is enabled or Multi-Factor Authentication (MFA) is configured, an unauthenticated attacker can potentially disrupt system processes and execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or MFA interface. This vulnerability is easy to exploit and requires no user interaction. Affected users are advised to take measures without delay.
PAN-OS is an operating system that runs on PAN firewalls and enterprise VPN appliances.