Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-2009

An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.

Published

2020-05-13T19:15:13.673

Last Modified

2024-11-21T05:24:26.243

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.0

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-73
Type: Primary
CWE-610

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	paloaltonetworks	pan-os	≤ 7.1.26	Yes
Operating System	paloaltonetworks	pan-os	≤ 8.0.20	Yes
Operating System	paloaltonetworks	pan-os	≤ 8.1.13	Yes
Operating System	paloaltonetworks	pan-os	≤ 9.0.6	Yes

References

https://security.paloaltonetworks.com/CVE-2020-2009 Vendor Advisory ([email protected])
https://security.paloaltonetworks.com/CVE-2020-2009 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)