Cybersecurity specialists report the detection of a severe vulnerability in PAN-OS, the operating system with which the solutions developed by Palo Alto Networks work. While flaw is not particularly risky, widespread use of PAN-OS may prove to be a factor to consider.

Tracked as CVE-2021-3048, this flaw exists due to insufficient validation of user-provided input through an external dynamic list (EDL), which can cause a device server dameon (sevsrvr) to fail.

This condition causes subsequent commits to the firewall to fail and prevents administrators from making configuration changes, even if the firewall continues to function. If the firewall restarts, this chain of incidents results in a denial of service (DoS) condition.

This is a flaw of medium severity and received a score of 5.2/10 according to the Common Vulnerability Scoring System (CVSS).

The vulnerability resides in the following versions of Palo Alto PAN-OS: 9.0.0, 9.0.1, 9.0.2, 9.0.2-h4, 9.0.3, 9.0.3-h2, 9.0.3-h3, 9.0.4, 9.0.5, 9.0.5-h3, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.0.11, 9.0.12, 9.0.13, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.1.5, 9.1.6, 9.1.7, 9.1.8, 10.0.0, 10.0.1, 10.0.2, 10.0.3 and 10.0.4.

Even though CVE-2021-3048 can be exploited remotely by unauthenticated threat actors, researchers have not detected exploit attempts in real scenarios or the existence of a malware variant associated with the attack.

The updates are now available, so users of affected deployments are encouraged to install them as soon as possible. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.