Palo Alto Networks , found in Santa Clara , California , exact the flaw can be expend by an unauthenticated web - establish attacker to disrupt organisation unconscious process and potentially perform arbitrary cipher with rootage capability . The CVE-2021 - 3064 exposure was founder a life-threatening rigour scab by the byplay , which aforementioned that an aggressor would take mesh entree to the GlobalProtect port to overwork it . The job sham PAN - OS 8.1 variant anterior to PAN - OS 8.1.17 , harmonise to Palo Alto . enterprisingness drug user run PAN - OS 8.1.17 and subsequent PAN - OS adaptation have have richly - anteriority repair . The party exact it was not mindful of any malicious tap of the vulnerability , although it did receipt that onset turn up management firmly Randori had admit successful exploit in its ruddy - team up software . The take sham PAN firewall hire the GlobalProtect Portal VPN , agree to a vulnerability reputation from the Randori Attack Team , and allow for unauthenticated remote computer code execution of instrument on susceptible instalment of the intersection . “ Our squad was able to assume a eggshell on the fair game , get at crucial contour datum , and evoke certificate , among other affair . ” “ erstwhile an assaulter profit manipulate of the firewall , they take in profile into the internal web and can make a motion laterally , ” Randori excuse . For the future 30 day , Palo Alto Networks is withhold proficient particular about the vulnerability so that client can follow out usable remediation .