Palo Alto Networks has published a new Security Advisory at https://securityadvisories.paloaltonetworks.com/ .
PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access (CVE-2019-17440)
Severity = Critical
This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7000 Series with second-generation Switch Management Card (SMC) and an LFC installed and configured.
This issue is fixed in 9.0.5-h3 and all subsequent releases. Content update 8218-5815 also fixes the issue.
This issue only affected a very limited number of customers.
Details of the issues, affected versions, and any workaround/mitigation information can be found in the Security Advisories.
Please visit our Security Advisories website to learn more at https://securityadvisories.paloaltonetworks.com/
If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support
.
Regards
,
Product Security Incident Response Team
Palo Alto Networks