CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit
The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.
Palo Alto Networks develops cybersecurity platforms and products whose vulnerabilities, advisories, and deployments can affect network and cloud security.
Search across headline titles and summaries.
Background for this topic.
Palo Alto Networks develops cybersecurity platforms for network firewalls, cloud and application security, secure remote access, endpoint protection, and security operations. Its firewalls commonly run PAN-OS, enforcing traffic and access policies, inspecting network activity, and collecting telemetry for detection and response.
For practitioners, advisories involving PAN-OS, firewall management interfaces, or remote-access gateways can require rapid exposure assessment, patching, configuration changes, and log review for signs of exploitation. Internet-facing management services and overly broad rules are important attack surfaces; a vulnerability may be more consequential when administrative access or sensitive inspection data is involved. Cloud and endpoint components add identity, API, agent, and data-handling dependencies, so updates should be tested across integrations and privileges. Security teams should validate fixes against asset inventories, monitor relevant indicators, and control access to retained telemetry where privacy or regulatory obligations apply.
The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.
The flaw would allow a network-based unauthenticated threat actor to perform DoS attacks
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation
A recent vulnerability found in Palo Alto Networks' PAN-OS has been added to the catalog of Known Exploitable Vulnerabilities from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). [...]