Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/screaminggoat/statuses/113878596316423539">screaminggoat (screaminggoat@infosec.exchange)'s status on Friday, 24-Jan-2025 09:52:12 JST</a><a href="https://infosec.exchange/@screaminggoat" title="screaminggoat@infosec.exchange"><img src="https://gnusocial.jp/avatar/278335-48-20250102170004.webp" width="48" height="48" alt="screaminggoat" style="position: absolute; left: 0; top: 0;">screaminggoat</a></section><article><p>Eclysium: <a href="https://eclypsium.com/research/pandoras-box-vulns-in-security-appliances/" rel="nofollow">PANdora's Box: Vulnerabilities Found in NGFW</a><br>Eclysium evaluated three Palo Alto Networks appliances, finding known vulnerabilities ranging from "Boothole" (buffer overflow to RCE) and secure boot bypass to LogoFail, PixieFail, leaked keys bypass, etc. Elypsium provides a timeline with the most recent update requesting that they wait for a patch before going public with the details, but no estimated time of patch release. </p><p><a href="https://infosec.exchange/tags/paloaltonetworks" rel="tag">#paloaltonetworks</a> <a href="https://infosec.exchange/tags/panos" rel="tag">#panos</a> <a href="https://infosec.exchange/tags/pixiefail" rel="tag">#pixiefail</a> <a href="https://infosec.exchange/tags/logofail" rel="tag">#logofail</a> <a href="https://infosec.exchange/tags/boothole" rel="tag">#boothole</a> <a href="https://infosec.exchange/tags/secureboot" rel="tag">#secureboot</a> <a href="https://infosec.exchange/tags/panw" rel="tag">#panw</a> <a href="https://infosec.exchange/tags/infosec" rel="tag">#infosec</a> <a href="https://infosec.exchange/tags/vulnerability" rel="tag">#vulnerability</a> <a href="https://infosec.exchange/tags/cve" rel="tag">#cve</a> <a href="https://infosec.exchange/tags/cybersecurity" rel="tag">#cybersecurity</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4436428#notice-8680530">In conversation</a><time datetime="2025-01-24T09:52:12+09:00" title="Friday, 24-Jan-2025 09:52:12 JST">about 4 months ago</time> <span>from <span><a href="https://infosec.exchange/@screaminggoat/113878596316423539" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@screaminggoat/113878596316423539">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
screaminggoat (screaminggoat@infosec.exchange)'s status on Friday, 24-Jan-2025 09:52:12 JST screaminggoat
Eclysium: PANdora's Box: Vulnerabilities Found in NGFW
Eclysium evaluated three Palo Alto Networks appliances, finding known vulnerabilities ranging from "Boothole" (buffer overflow to RCE) and secure boot bypass to LogoFail, PixieFail, leaked keys bypass, etc. Elypsium provides a timeline with the most recent update requesting that they wait for a patch before going public with the details, but no estimated time of patch release.
#paloaltonetworks #panos #pixiefail #logofail #boothole #secureboot #panw #infosec #vulnerability #cve #cybersecurity
In conversationabout 4 months ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice