Palo Alto Networks has discovered a critical vulnerability in its PAN-OS operating system that could enable unauthenticated attackers to run arbitrary code on devices with the highest-level root superuser privileges.
The buffer overflow vulnerability is reachable only when the device has Captive Portal enabled or multi-factor authentication configured, which lets attackers send malicious requests to those interfaces.
Assigned the Common Vulnerabilities and Exposures identifier CVE-2020-2040, the flaw is rated critical with a score of 9.8 out of 10.
PAN-OS 10.0 is not affected by the vulnerability, but versions prior to 8.0, 8.1.15, 9.0.9 and 9.1.3 are affected, the company said in its security advisory.
Later versions of PAN-OS have resolved the issue.
As of yet, Palo Alto Networks is not aware of any active exploitation of the vulnerability.
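A small triage helper for fleet inventories, written for this article rather than taken from Palo Alto Networks: it compares a reported PAN-OS version against the fixed releases quoted above and combines that with whether Captive Portal or MFA is configured. It assumes the 8.0 branch has no fixed build (the article names none) and that the caller already knows the Captive Portal/MFA state from the device configuration.

```python
"""Is a given PAN-OS build still exposed to CVE-2020-2040?

Fixed releases are those quoted in the article: 8.1.15, 9.0.9 and 9.1.3;
PAN-OS 10.0 and later are treated as not affected. The article gives no
fixed release for the 8.0 branch, so every 8.0.x build is treated as
affected (assumption). Hotfix suffixes such as "-h1" are ignored because
only base releases are listed.
"""
from typing import Optional, Tuple

# Fixed build per release branch; None means no fixed build is named.
FIXED_BY_BRANCH = {
    (8, 0): None,
    (8, 1): (8, 1, 15),
    (9, 0): (9, 0, 9),
    (9, 1): (9, 1, 3),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '9.0.8-h1' into (9, 0, 8); pad to at least three components."""
    base = text.strip().split("-", 1)[0]
    parts = tuple(int(p) for p in base.split("."))
    if len(parts) < 2:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    return parts + (0,) * (3 - len(parts))


def vulnerable_code_present(version: str) -> Optional[bool]:
    """True if the build predates the fix on its branch, False if fixed or
    10.0+, None if the branch is not one the advisory excerpt covers."""
    v = parse_version(version)
    branch = v[:2]
    if branch >= (10, 0):
        return False
    if branch not in FIXED_BY_BRANCH:
        return None
    fixed = FIXED_BY_BRANCH[branch]
    return True if fixed is None else v < fixed


def triage(version: str, captive_portal_or_mfa: bool) -> str:
    """Combine build status with the Captive Portal / MFA precondition."""
    present = vulnerable_code_present(version)
    if present is None:
        return "unknown branch: check the vendor advisory"
    if not present:
        return "fixed"
    if captive_portal_or_mfa:
        return "exposed: upgrade now"
    return "vulnerable build, not reachable: upgrade at next window"
```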
Separately, security vendor Positive Technologies has published details of three other critical vulnerabilities remedied by Palo Alto Networks.
These include the CVE-2020-2036 cross-site scripting vulnerability with a score of 8.8, and the CVE-2020-2037 flaw that allows arbitrary PAN-OS commands to be injected, which has a score of 7.2, as does the CVE-2020-2038 flaw.
In June this year, Monash University infosec staff discovered a 10 out of 10 rated critical vulnerability in PAN-OS that is easy to exploit with no user interaction required.
The June vulnerability was deemed so serious that the United States Cyber Command issued a public alert, advising users to patch their Palo Alto Networks devices immediately or face being attacked by nation-state hackers.