"CISA Is Warning of High-Severity PAN-OS DDoS Flaw Used in Attacks"

A recent vulnerability discovered in Palo Alto Networks' PAN-OS has been added to the US Cybersecurity and Infrastructure Security Agency's (CISA) catalog of Known Exploitable Vulnerabilities (KEV). The vulnerability, CVE-2022-0028, is a high-severity risk that allows a remote threat actor to launch reflected and amplified Denial-of-Service (DoS) attacks without requiring authentication. The vulnerability affects several PAN-OS versions that power PA-Series, VM-Series, and CN-Series devices, and Palo Alto Networks has released patches for all of them. While exploiting the flaw can only result in a DoS condition on the affected device, at least one attack has already been carried out. Palo Alto Networks stated in an August 12 security advisory that they became aware of the issue after receiving an alert about an attempted reflected DoS attack via one of its products. According to the vendor, a threat actor who exploits the flaw may conceal their original IP address, making remediation more difficult. According to Palo Alto Networks, the flaw is only exploitable under certain conditions that are not part of a standard firewall configuration. This article continues to discuss findings and warnings regarding the high-severity PAN-OS DDoS flaw.

Bleeping Computer reports "CISA Is Warning of High-Severity PAN-OS DDoS Flaw Used in Attacks"