Summary: A recent evaluation of three firewall models from Palo Alto Networks revealed significant security flaws in their firmware and misconfigurations that could be exploited by attackers. The identified vulnerabilities, collectively termed PANdora’s Box, include well-known issues that could allow for Secure Boot bypass and privilege escalation. This highlights the importance of maintaining and securing devices designed for protection against cyber threats.
Threat Actor: Unknown | unknown
Victim: Palo Alto Networks | Palo Alto Networks
Keypoints :
- Vulnerabilities include CVE-2020-10713, CVE-2022-24030, and several others affecting different models.
- Flaws could allow attackers to bypass Secure Boot and execute malicious code during system startup.
- Organizations are urged to adopt comprehensive supply chain security measures, including vendor assessments and firmware updates.
Source: https://thehackernews.com/2025/01/palo-alto-firewalls-found-vulnerable-to.html