CVE-2019-1580Out-of-bounds Write in Paloaltonetworks Pan-os

CWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
2.2%
top 15.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Paloaltonetworks Pan-osPaloalto Pan-os
Timeline
PublishedAug 23
Latest updateMay 24

Description

Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon (SSHD) and corrupt arbitrary memory.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDpaloaltonetworks/pan-os8.0.08.0.19+3
Palo Altopaloalto/pan-os

🔴Vulnerability Details

2
GHSA
GHSA-278j-379h-8hqx: Memory corruption in PAN-OS 72022-05-24
CVEList
CVE-2019-1580: Memory corruption in PAN-OS 72019-08-23

📋Vendor Advisories

1
Palo Alto
Memory Corruption in PAN-OS2019-08-21
CVE-2019-1580 — Out-of-bounds Write in Paloaltonetworks | cvebase