CVE-2019-1579: Researchers Disclose Critical Vulnerability in Palo Alto Networks GlobalProtect
Researchers Orange Tsai and Meh Chang published a blog post on July 17 detailing their discovery of a vulnerability in Palo Alto Networks (PAN) GlobalProtect Secure Sockets Layer (SSL) virtual private network (VPN).
The vulnerability, designated CVE-2019-1579, is a format string vulnerability caused by the way the PAN SSL Gateway passes the value of a particular parameter to snprintf without sanitizing it, which makes it exploitable.
The researchers reported their findings to PAN and were told that the issue had already been addressed in a previous software update. However, no CVE was associated with the vulnerability, and no details about it had been made public anywhere. This prompted the researchers to scan for vulnerable gateways, which included one associated with the popular ride-hailing service Uber.
To learn more about this event, please visit our blog.
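
The bug class described above, as an added example that is not PAN's code and not taken from the researchers' write-up: a handler that passes a client-supplied parameter to snprintf as the format string, next to the hardened form and an input check that flags format directives in a value. The function names and sample values are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical handler names; `value` stands for a client-controlled
 * request parameter. Not PAN's code. */

/* Vulnerable pattern: the parameter is used AS the format string, so
 * snprintf interprets any conversion specification inside it. */
int log_param_vulnerable(char *out, size_t n, const char *value)
{
    return snprintf(out, n, value);
}

/* Hardened pattern: constant format string, parameter passed as data. */
int log_param_safe(char *out, size_t n, const char *value)
{
    return snprintf(out, n, "%s", value);
}

/* Input check: counts the conversion specifications a printf-family call
 * would act on in `s` ("%%" is not counted); *writes is set to 1 if any
 * of them is %n, the specifier that stores through a pointer argument. */
int count_directives(const char *s, int *writes)
{
    int count = 0;
    *writes = 0;
    while ((s = strchr(s, '%')) != NULL) {
        s++;                                   /* step past '%' */
        if (*s == '%') { s++; continue; }      /* literal percent sign */
        s += strspn(s, "0123456789$-+ #'.*hlLqjzt"); /* flags, width, length */
        count++;
        if (*s == '\0') break;                 /* truncated specification */
        if (*s == 'n') *writes = 1;
        s++;
    }
    return count;
}

int main(void)
{
    char a[64], b[64];
    const char *value = "a%%b";                /* constructed sample input */
    int writes;
    log_param_vulnerable(a, sizeof a, value);  /* "%%" is interpreted */
    log_param_safe(b, sizeof b, value);        /* copied byte for byte */
    printf("vulnerable: %s\nsafe:       %s\n", a, b);
    printf("directives in \"id=%%08x\": %d\n", count_directives("id=%08x", &writes));
    return 0;
}
```

Compilers flag the vulnerable call with -Wformat-security; building with -Werror=format-security turns that pattern into a build failure.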