Palo Alto Bug used for DDoS Attacks and There's No Fix yet

[upnorth]

Content source

https://www.theregister.com/2022/08/12/palo_alto_bug/

A high-severity Palo Alto Networks denial-of-service (DoS) vulnerability has been exploited by miscreants looking to launch DDoS attacks, and several of the affected products won't have a patch until next week.

The vulnerability, tracked as CVE-2022-0028, received an 8.6 out of 10 CVSS score, and it affects PAN OS, the operating system in Palo Alto Networks' network security products. Panorama M-Series or Panorama virtual appliances, and Palo Alto Networks, have already had the issue fixed for cloud-based firewall and Prisma Access customers.

The fact that the bug is under active exploit shouldn't come as a big surprise. According to the vendor's own annual incident response report, criminals "start scanning for vulnerabilities within 15 minutes of a CVE being announced."

Palo Alto bug used for DDoS attacks and there's no fix yet

There goes the weekend...

www.theregister.com