Palo Alto Networks warns of critical remote code execution bug – iTnews

Palo Alto Networks has discovered a critical vulnerability in its PAN-OS operating system that could enable unauthenticated attackers to run arbitrary code on devices with the highest-level root superuser privileges.
The buffer overflow vulnerability is found only when either the device has the Captive Portal enabled, or multi-factor authentication configured, allowing attackers to send malicious requests to them.
Given the Common Vulnerabilties and Exposures index CVE-2020-2040, the flaw is r…

Click here to view the original article.