Palo Alto Networks GlobalProtect Vulnerability

Integration Partner’s wants to make you aware of a recently identified vulnerability that impacts Palo Alto Network’s GlobalProtect on Firewalls running version 8.1.   

  • This vulnerability (https://security.paloaltonetworks.com/CVE-2021-3064 ) was fixed in PANOS version 8.1.17 (released in 2020) but this exploit was only discovered recently. This is a remote code execution exploit and has a critical severity score of 9.8.  
  • Any firewall running PANOS prior to 8.1.17 should upgrade as soon as possible!  
  • On the 5000 series of hardware (5020, 5050, 5060), PANOS 8.1 is the latest code support and the current preferred release (as of November 2021) is 8.1.20. 
  • For all other platforms, considering moving to 9.x or 10.x. PANOS 8.1.x also goes end of support March 1, 2022 so you should upgrade before that point.  

Feel free to contact us if you have any questions or need any assistance by visiting https://integrationpartners.com/contact/ or calling our NOC at +17813578599. 

Helpful Links:  

Announcement: CVE-2021-3064 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces: https://security.paloaltonetworks.com/CVE-2021-3064  

Palo Alto Preferred Software Releases (Support Login Required): https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304