Palo Alto Networks (PAN-OS, Cloud NGFW, etc.) Family of Products August 2024 Security Update Advisory
Overview
Palo Alto Networks(https://www.paloaltonetworks.com/) has released a security update that fixes vulnerabilities in products it has been made. Users of affected products are advised to update to the latest version.
Affected Products
Prisma Access Browser prior to 126.183.2844.1 version
Cortex XSOAR CommonScripts prior to 1.12.33 version
PAN-OS,Cloud NGFW,Prisma Access prior to 11.0.4 version
PAN-OS,Cloud NGFW,Prisma Access prior to 10.2.8 version
PAN-OS,Cloud NGFW,Prisma Access Before 8/15 on Azure, Before 8/23 on AWS
GlobalProtect App prior to 6.3.1 version
GlobalProtect App prior to 6.2.4 version
GlobalProtect App prior to 6.1.5 version
GlobalProtect App prior to 6.0.x version
GlobalProtect App prior to 5.1.x version
Resolved Vulnerabilities
In Prisma Access Browser, Prisma Access Browser (supersedes Talon Browser) has incorporated the latest upstream Chromium security fixes listed here:
– https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html
– https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
– https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html
– https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html (pan-sa-2024-0007, cvss 8.6) [1]
Instruction Injection Vulnerability in Cortex XSOAR CommonScripts (CVE-2024-5914, CVSS 7) [2]
Vulnerability in PAN-OS, Cloud NGFW, and Prisma Access that could allow local system administrators to unintentionally disclose secrets, passwords, and tokens of external systems (CVE-2024-5916, CVSS 6) [3]
Vulnerability in GlobalProtect App that could allow local users to run programs with elevated privileges (CVE-2024-5915, CVSS 5.2) [4]
Vulnerability Patches
The following product-specific vulnerability patches were made available in the 08/14/2024 update.
Prisma Access Browser 127.100.2858.4 and later versions
Cortex XSOAR CommonScripts 1.12.33 and later versions
PAN-OS,Cloud NGFW,Prisma Access All
PAN-OS,Cloud NGFW,Prisma Access All
PAN-OS,Cloud NGFW,Prisma Access 11.0.4 and later versions
PAN-OS,Cloud NGFW,Prisma Access 10.2.8 and later versions
PAN-OS,Cloud NGFW,Prisma Access All
PAN-OS,Cloud NGFW,Prisma Access All
PAN-OS,Cloud NGFW,Prisma Access On or after 8/15 on Azure, On or after 8/23 on AWS
GlobalProtect App 6.3.1 (ETA: end of August) and later versions
GlobalProtect App 6.2.4 and later versions
GlobalProtect App 6.1.5 and later versions
GlobalProtect App 6.0.x (ETA: November 2024) and later versions
GlobalProtect App 5.1.x (ETA: December 2024) and later versions
Referenced Sites
[1] Prisma Access Browser: Monthly Vulnerability Updates
https://security.paloaltonetworks.com/PAN-SA-2024-0007
[2] Cortex XSOAR: Command Injection in CommonScripts Pack
https://security.paloaltonetworks.com/CVE-2024-5914
[3] PAN-OS: Clearext Exposure of External System Secrets
https://security.paloaltonetworks.com/CVE-2024-5916
[4] GlobalProtect App: Local Privilege Escalation (PE) Vulnerability