Researchers discovered a massive zero-day hole in Palo Alto Networks security appliances that have since been patched allow for unauthenticated RCE and affect roughly 10,000 VPN/firewalls. Researchers developed a working exploit to gain remote code execution via the vulnerability in a security appliance from Palo Alto Networks. The critical zero-day is tracked as CVE-2021-3064 and has a CVSS rating of 9.8 out of 10 for severity. The flaw lies in Palo Alto’s GlobalProtect firewall.
On Wednesday, Randori researchers stated that if an attacker can successfully exploit the vulnerability, they can gain a shell on the targeted system, access data, and extract credentials. Once the attacker successfully establishes control over the firewall, they will boast visibility into the internal network and will be able to move laterally, says Randori.
Read More: Massive Zero-Day Hole Found in Palo Alto Security Appliances