Critical RCE Flaw in Palo Alto Gateways Hits Uber
Tenable researchers have uncovered a remote code-execution (RCE) flaw affecting the VPN software offered by Palo Alto Networks. The vulnerability, tracked as CVE-2019-1579, was inadvertently fixed in the latest versions of the software, even though the company was unaware of it at the time.
However, older versions of the VPN solutions remain vulnerable, which means that firms using those versions are still at risk. Uber is among the organizations affected.