CVE-2020-2016 — Insecure Temporary File in Palo Alto Networks Pan-os

CWE-377 — Insecure Temporary File CWE-362 — Race Condition CWE-835 — Infinite Loop28 documents17 sources

Severity

7.0HIGHNVD

EPSS

0.2%

top 56.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloaltonetworks Pan-os Paloalto Pan-os

Timeline

PublishedMay 13

Latest updateAug 22

Description

A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; …

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

▶NVDpaloaltonetworks/pan-os7.1.0 — 7.1.26+3

▶CVEListV5palo_alto_networks/pan-os7.1 — 7.1.26+3

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

OSV

libxstream-java vulnerabilities↗2024-08-22

▶

GHSA

GHSA-phhf-m45q-vcxw: A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limit↗2022-05-24

▶

CVEList

PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation↗2020-05-13

▶

💥Exploits & PoCs

Exploit-DB

Foxit Reader 9.0.1.1049 - Arbitrary Code Execution↗2020-11-27

▶

Exploit-DB

Sysaid 20.1.11 b26 - Remote Command Execution↗2020-03-10

▶

Exploit-DB

Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape↗2020-01-08

▶

📋Vendor Advisories

Oracle

Oracle Oracle Fusion Middleware Risk Matrix: Jave APIs (BeanShell) — CVE-2016-2510↗2020-10-15

▶

Oracle

Oracle Oracle REST Data Services Risk Matrix: General (Apache Commons FileUpload) — CVE-2016-1000031↗2020-10-15

▶

Oracle

Oracle Oracle Supply Chain Risk Matrix: Install (Apache Groovy) — CVE-2016-6814↗2020-07-15

▶

Red Hat

glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop↗2020-07-09

▶

Palo Alto

PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation↗2020-05-13

▶

🕵️Threat Intelligence

Unit42

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350↗2020-07-21

▶

Tenable

Tenable Releases Plugins for Critical Windows CryptoAPI Vulnerability↗2020-01-15

▶