#BSI WID-SEC-2025-1063: [NEU] [mittel] #PaloAlto #Networks #GlobalProtect: Mehrere Schwachstellen
Ein lokaler Angreifer kann mehrere Schwachstellen in PaloAlto Networks GlobalProtect ausnutzen, um seine Privilegien zu erhöhen, und um einen Denial of Service Angriff durchzuführen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1063
Nearly 24,000 IPs behind wave of #PaloAlto #GlobalProtect scans
Any of your employers use #GlobalProtect? Are you also getting this popup multiple times a day?
Gold standard for bad #UIUX choices there.
Firstly, what's the value in knowing this? There's no action to take. Or, rather, SHOULD be no action to take (we have to dismiss the popup).
Secondly, it's conditioning us to ignore notifications from the tool. If there ever IS a problem everyone is going to ignore the warning.
At least the latest Windows patch only made 0.1% of our company computers completely lose all network connections.
Of course all those users called at once.
Here's how to fix a certificate chain on a Palo Alto firewall
https://thedxt.ca/2024/12/palo-alto-certificate-chain-fix/
#PaloAlto #PaloAltoNetworks #Firewall #Certificates #GlobalProtect #PANOS
An issue I’ve run into on Palo Alto Networks firewalls is that everything seems to work when importing a certificate (usually a PFX). Until you start using the certificate, then after a validation or a commit, there’s a warning that the certificate chain is not correctly formed. Warning: certificate chain not correctly formed in certificate…
#BSI WID-SEC-2024-3546: [NEU] [mittel] #PaloAlto #Networks #GlobalProtect: Schwachstelle ermöglicht Privilegieneskalation
Ein lokaler Angreifer kann eine Schwachstelle in PaloAlto Networks GlobalProtect ausnutzen, um seine Privilegien zu erhöhen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3546
BSI WID Advisories Feed
Sebastian
flagthis
securityaffairs
The New Oil
Seamus Quigley
Why Not Zoidberg? 🦑
Daniel Keer
Harry Sintonen