Security Advisories

This section lists all security vulnerabilities identified in currently supported Palo Alto Networks products. Each vulnerability is given a criticality rating and a current status covering any updates or mitigations for it. Each listing also gives the versions of PAN-OS the vulnerability is known to affect.

Please disclose vulnerability discoveries to the Palo Alto Networks Product Security Incident Response Team (PSIRT).

Security Advisory Listing

| Title | ID | Severity | Products Affected | First Published | Last Updated |
| --- | --- | --- | --- | --- | --- |
| Local Privilege Escalation in GlobalProtect Agent for Windows | PAN-SA-2019-0036 | Medium | GlobalProtect Agent 5.0.3 and earlier for Windows and GlobalProtect Agent 4.1.12 and earlier for Windows. | 10/15/2019 | 10/15/2019 |
| Local Privilege Escalation in GlobalProtect Agent for Linux and Mac OS | PAN-SA-2019-0037 | Medium | GlobalProtect Agent 5.0.4 and earlier for Linux and Mac OS and GlobalProtect Agent 4.1.12 and earlier for Linux and Mac OS. | 10/15/2019 | 10/15/2019 |
| Remote Command Injection in Zingbox Inspector | PAN-SA-2019-0025 | Low | Zingbox Inspector, versions 1.293 and earlier. | 10/01/2019 | 10/01/2019 |
| Command Injection in Zingbox Inspector | PAN-SA-2019-0026 | High | Zingbox Inspector, versions 1.286 and earlier. | 10/01/2019 | 10/01/2019 |
| Hardcoded Credentials in Zingbox Inspector | PAN-SA-2019-0027 | High | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
| SQL Injection in Zingbox Inspector | PAN-SA-2019-0028 | High | Zingbox Inspector, versions 1.288 and earlier. | 10/01/2019 | 10/01/2019 |
| SSH Service Exposed in Zingbox Inspector | PAN-SA-2019-0029 | High | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
| Tenant authentication bypass in Zingbox Inspector | PAN-SA-2019-0030 | High | Zingbox Inspector, versions 1.280 and earlier. | 10/01/2019 | 10/01/2019 |
| Insecure Firmware Validation in Zingbox Inspector | PAN-SA-2019-0031 | Medium | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
| Command Injection in Zingbox Inspector | PAN-SA-2019-0032 | Medium | Zingbox Inspector, versions 1.293 and earlier. | 10/01/2019 | 10/01/2019 |
| Server-side Request Forgery in Zingbox Inspector | PAN-SA-2019-0033 | Low | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
| ARP Spoofing in Zingbox Inspector | PAN-SA-2019-0034 | Low | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
| Insecure Password Storage in Zingbox Inspector | PAN-SA-2019-0035 | Low | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
| Escalation of Privilege in Twistlock | PAN-SA-2019-0024 | Low | Twistlock console 19.07.357 and earlier | 08/22/2019 | 08/23/2019 |
| Remote code execution in PAN-OS SSH management interface | PAN-SA-2019-0022 | Critical | PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. | 08/21/2019 | 08/23/2019 |
| Memory Corruption in PAN-OS | PAN-SA-2019-0021 | Critical | PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. | 08/21/2019 | 08/21/2019 |
| Memory Corruption in PAN-OS | PAN-SA-2019-0023 | High | PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. PAN-OS 7.1 and 8.0 are NOT affected. | 08/21/2019 | 08/21/2019 |
| Remote Code Execution in GlobalProtect Portal/Gateway Interface | PAN-SA-2019-0020 | Critical | PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier releases. PAN-OS 9.0 is not affected. | 07/18/2019 | 07/24/2019 |
| Privilege Escalation in PAN-OS | PAN-SA-2019-0017 | Medium | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier. | 07/15/2019 | 07/15/2019 |
| Command Injection in PAN-OS | PAN-SA-2019-0018 | Medium | PAN-OS 9.0.2 and earlier. PAN-OS 7.1, PAN-OS 8.0 and PAN-OS 8.1 are NOT affected. | 07/15/2019 | 07/15/2019 |
| Information Disclosure in PAN-OS Management API Usage | PAN-SA-2019-0019 | Medium | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier. | 07/15/2019 | 07/15/2019 |
| Information Disclosure in WildFire Appliance (WF-500) | PAN-SA-2019-0016 | Medium | WildFire Appliance (WF-500) running appliance software all versions of 7.1, versions 8.0.17 and earlier, and versions of 8.1.8 and earlier. | 07/08/2019 | 07/08/2019 |
| Information about TCP SACK Panic Findings in PAN-OS | PAN-SA-2019-0013 | High | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2-h3 and earlier. GlobalProtect Gateway and GlobalProtect portal are NOT affected by these issues. | 06/27/2019 | 06/28/2019 |
| Code Injection Vulnerability in Traps | PAN-SA-2019-0014 | Low | Traps 5.0.5 and earlier, including all 4.x releases. These releases did not have the file protection (SPROT) enabled by default. Traps 5.0.6, 6.0 and later are NOT affected. | 06/27/2019 | 06/27/2019 |
| Cross Site Scripting (XSS) in MineMeld | PAN-SA-2019-0015 | Low | Open Source Community Supported MineMeld version 0.9.60 and earlier. AutoFocus-Hosted MineMeld is NOT affected. | 06/27/2019 | 06/27/2019 |