A recent evaluation by Eclypsium of three firewall models from Palo Alto Networks revealed serious security vulnerabilities that could compromise device firmware and misconfigured security features. The issues, collectively termed PANdora's Box, include several well-known vulnerabilities that could allow attackers to bypass integrity protections like Secure Boot. This evaluation analyzed PA-3260, PA-1410, and PA-415 models, highlighting significant risks associated with older models, especially PA-3260 which has reached end-of-sale. The vulnerabilities could result in privilege escalations and unauthorized code execution, raising concerns for enterprise security.
These weren't obscure, corner-case vulnerabilities. Instead these were very well-known issues that we wouldn't expect to see even on a consumer-grade laptop.
The identified flaws, collectively named PANdora's Box, refer to a set of vulnerabilities that could allow attackers to evade even the most basic integrity protections.
Collection
[
|
...
]