Published on: 10 September 2020
Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS. The detailed information about the vulnerabilities can be found at:
https://security.paloaltonetworks.com/CVE-2020-2036
https://security.paloaltonetworks.com/CVE-2020-2037
https://security.paloaltonetworks.com/CVE-2020-2038
https://security.paloaltonetworks.com/CVE-2020-2039
https://security.paloaltonetworks.com/CVE-2020-2040
https://security.paloaltonetworks.com/CVE-2020-2041
https://security.paloaltonetworks.com/CVE-2020-2042
https://security.paloaltonetworks.com/CVE-2020-2043
https://security.paloaltonetworks.com/CVE-2020-2044
Please note that PAN-OS 8.0 has reached its End-Of-Life (EOL) on 31.10.2019. No security updates will be provided after that. Users should arrange upgrading the PAN-OS to supported versions or migrating to other supported technology.
Depending on the vulnerability exploited, a successful attack could lead to arbitrary code execution, arbitrary command execution, information disclosure, elevation of privilege, cross-site scripting or denial of service on an affected system.
Software updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
System administrators should contact their product support vendors for the fixes and assistance.
https://security.paloaltonetworks.com/CVE-2020-2036
https://security.paloaltonetworks.com/CVE-2020-2037
https://security.paloaltonetworks.com/CVE-2020-2038
https://security.paloaltonetworks.com/CVE-2020-2039
https://security.paloaltonetworks.com/CVE-2020-2040
https://security.paloaltonetworks.com/CVE-2020-2041
https://security.paloaltonetworks.com/CVE-2020-2042
https://security.paloaltonetworks.com/CVE-2020-2043
https://security.paloaltonetworks.com/CVE-2020-2044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2036 (to CVE-2020-2044)