Vulnerability detail

Enriched intelligence for a single CVE

8.1

CVSS
High

CVE-2019-1579

PUBLISHED

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or...

Exploited in the wild Used in malware Remote No user interaction

Vendor: Palo Alto Networks
Product: Palo Alto Networks GlobalProtect Portal/Gateway Interface
Published: Jul 19, 2019
EPSS: —

Description

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.

cisa malware ransomware edge

CVSS scores

CVSS v3.1 8.1 High

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 6.8

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2022-01-10 00:00:00 UTC · Source

Used in malware

Recorded 2022-01-10 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: No
Technical impact: total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Jan 10, 2022
CISA	Jan 10, 2022

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

Elsfa7-110/CVE-2019-1579

github · Created 2020-10-21 12:30:42 UTC · 0 stars

securifera/CVE-2019-1579

github · Created 2019-09-10 02:53:03 UTC · 63 stars

Timeline

CVE ID Reserved

December 06, 2018
CVE Published to Public

July 19, 2019
Exploit Used in Malware

January 10, 2022
Added to KEVIntel

January 10, 2022
Added to KEVIntel

January 10, 2022