Government of the Republic of Trinidad and Tobago

Securing the Nation's Digital Infrastructure

TT-CSIRT-399.10.11.21: Critical Vulnerability in Palo Alto GlobalProtect Portal

A critical (9.8/10) memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. TT-CSIRT encourages administrators to review the following release from Palo Alto …