Firewall Bug Under Active Attack Triggers CISA Warning

The high-severity problem (CVE-2022-0028) that Palo Alto Networks claims adversaries tried to exploit has been fixed. Without needing to authenticate the targeted systems, remote hackers might use the issue to launch reflected and magnified denial-of-service (DoS) attacks.

According to Palo Alto Networks, the vulnerability can only be used on a small number of systems, in certain circumstances, and that the affected systems are not a standard firewall setup. There haven’t been any more assaults that take advantage of the problem, or if they have, they haven’t been made public. Products running the PAN-OS firewall software, such as the PA-Series, VM-Series, and CN-Series devices, are affected. Read More…