CVE-2020-1979

PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.

Una vulnerabilidad de la cadena de formato en el demonio de registro (logd) de PAN-OS en Panorama permite a un atacante basado en la red con conocimiento de los dispositivos de cortafuegos registrados y acceso a las interfaces de gestión de Panorama ejecutar un código arbitrario, omitiendo el shell restringido y escalando privilegios. Este problema afecta sólo a las versiones de PAN-OS 8.1 anteriores a PAN-OS 8.1.13 en Panorama. Este problema no afecta a las versiones de PAN-OS 7.1, PAN-OS 9.0 o posteriores.

*Credits: This issue was discovered by Nicholas Newsom of Palo Alto Networks during an internal security review.

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-12-04 CVE Reserved
2020-03-11 CVE Published
2023-03-08 EPSS Updated
2024-09-17 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-134: Use of Externally-Controlled Format String

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://security.paloaltonetworks.com/CVE-2020-1979	2020-05-13

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Paloaltonetworks Search vendor "Paloaltonetworks"		Pan-os Search vendor "Paloaltonetworks" for product "Pan-os"				< 8.1.13 Search vendor "Paloaltonetworks" for product "Pan-os" and version " < 8.1.13"		-		Affected