⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-07-10.

CVE-2019-1579

CWE-134Uncontrolled Format String8 documents8 sources
8.1
CVSS
HIGH
EPSS92.9%(100th)
CISA KEVExploited in WildRansomware Use
CISA Required Action: Apply updates per vendor instructions.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5palo_alto_networks_globalprotect_portal/gateway_interfacePAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2 and earlier releases
NVDpaloaltonetworks/pan-os8.0.08.0.12+2
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.
NVDMITRE

🔴Vulnerability Details

3
GHSA
GHSA-3w36-wf5x-rjfv: Remote Code Execution in PAN-OS 72022-05-24
CVEList
CVE-2019-1579: Remote Code Execution in PAN-OS 72019-07-19
VulnCheck
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability2019

🔍Detection Rules

1
Suricata
ET EXPLOIT Possible Palo Alto SSL VPN sslmgr Format String Vulnerability (Inbound) (CVE-2019-1579)2019-07-18

📋Vendor Advisories

1
CISA
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability2022-01-10

💬Community

1
Bugzilla
CVE-2019-10431 jenkins-script-security: Sandbox bypass vulnerability in Script Security Plugin2019-10-22
CVE-2019-1579 (HIGH CVSS 8.1) | Remote Code Execution in PAN-OS 7.1 | cvebase.io