CISA Warning Against Active Exploitation of Palo Alto Networks’ PAN-OS Vulnerability

CISA added Palo Alto Networks PAN-OS to its Catalog of Known Exploited Vulnerabilities based on evidence of active exploitation

This critical vulnerability is tracked with code CVE-2022-0028 (CVSS: 8.6 High). The vulnerability is the misconfiguration of a URL filtering policy. Misconfiguration of the PAN-OS URL filtering policy could allow a network-based attacker to perform mirrored and amplified TCP denial-of-service (RDoS) attacks.

Palo Alto Networks said that

exploiting this issue will not affect the confidentiality, integrity, or availability of its products.

“However, the resulting denial of service (DoS) attack can help disguise the identity of the attacker and expose the firewall as the source of the attack,” Palto Alto Networks added.

Customers are encouraged to apply patches for affected products to mitigate potential threats.

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-0028

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

https://security.paloaltonetworks.com/CVE-2022-0028