Palo Alto Networks Security Advisories / CVE-2016-1712

CVE-2016-1712 Local privilege escalation

047910
Severity 7.8 · HIGH
Attack Vector LOCAL
Scope UNCHANGED
Attack Complexity LOW
Confidentiality Impact HIGH
Privileges Required LOW
Integrity Impact HIGH
User Interaction NONE
Availability Impact HIGH

Description

Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712).

Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability.

This issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.7 and earlier

Product Status

VersionsAffectedUnaffected
PAN-OS 7.0<= 7.0.7>= 7.0.8
PAN-OS 6.1<= 6.1.11>= 6.1.12
PAN-OS 6.0<= 6.0.13>= 6.0.14
PAN-OS 5.1<= 5.1.11>= 5.1.12
PAN-OS 5.0<= 5.0.18>= 5.0.19

Severity: HIGH

CVSSv3.0 Base Score: 7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Weakness Type

CWE-20 Improper Input Validation

Solution

PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.8 and later

Workarounds and Mitigations

N/A

Acknowledgments

Kasif Dekel, CheckPoint Security Team
© 2024 Palo Alto Networks, Inc. All rights reserved.