Last revised: 09/12/2016
Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712).
Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability.
PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.7 and earlier
PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.8 and later
Kasif Dekel, CheckPoint Security Team