Palo Alto Networks PAN-OS

Palo Alto Networks released a security advisory to address a remote code execution vulnerability, CVE-2017-8390, in the PAN-OS DNS Proxy for PAN-OS versions 6.1.17 and earlier, 7.0.15 and earlier, 7.1.9 and earlier, and 8.0.2 and earlier. Successful exploitation of this vulnerability could allow a remote threat actor to execute code on the firewall and view, change, or delete data. The NJCCIC recommends all users and administrators of PAN-OS review Palo Alto Network’s security advisory and apply necessary updates to current and subsequent versions of PAN-OS 6.1.18, 7.0.16, 7.1.10, and 8.0.3. If updating is not possible, apply the recommended workaround by disabling DNS Proxy for vulnerable versions.