A new critical security alert requires the mission-critical community’s immediate attention.
Advisory Overview
Cyberattackers are leveraging a vulnerability discovered in Palo Alto Networks’ firewall.
What Is the Threat?
Tracked as CVE-2022-0028, the vulnerability has a Common Vulnerability Scoring System (CVSS) base score of 8.6. (on a 10-point scale), which places it in the high-risk category. It enables cyberattackers to conduct reflected and amplified Transmission Control Protocol (TCP) denial-of-service (DoS) attacks.
PAN-OS is the software that runs all Palo Alto Networks' next-generation firewalls. Affected versions are identified in the following table:
What Is the Risk?
This vulnerability does not give cyberattackers access to an internal network, but it can be used to halt business operations or obfuscate attackers who are targeting other organizations.
What Are the Recommendations?
The vulnerability appears to impact only PAN-OS software, which Palo Alto Networks have patched. MCP advises that users apply these software updates as soon as possible.
If you are looking for guidance, please reach out. MCP offers a comprehensive cybersecurity solutions suite for critical infrastructure organizations to help them determine their network, data, and application vulnerabilities. We can help you develop a complete cyberattack prevention strategy. Contact us today to learn more.