Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

CVE-2022-0778 OpenSSL flaw affects multiple Palo Alto devices

Palo Alto Networks plans to fix CVE-2022-0778 OpenSSL flaw in some of its firewall, VPN, and XDR, products during April 2022. In Mid March, OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when certificate parsing. The flaw was discovered by the popular Google Project Zero […]

Palo Alto Networks Palo Alto Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS FlawGlobalProtect CVE-2026-0257

Palo Alto Networks plans to fix CVE-2022-0778 OpenSSL flaw in some of its firewall, VPN, and XDR, products during April 2022.

In Mid March, OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when certificate parsing. The flaw was discovered by the popular Google Project Zero researcher Tavis Ormandy.

An attacker can trigger the vulnerability by crafting a malformed certificate with invalid explicit curve parameters.

“The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form.” reads the advisory for this flaw. “It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters.”

The vulnerability impacts OpenSSL versions 1.0.2, 1.1.1 and 3.0, the maintainers of the project addressed the flaw with the release of versions 1.0.2zd (for premium support customers), 1.1.1n and 3.0.2.

Palo Alto Networks warns that an attacker can trigger the vulnerability to cause the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a DoS condition.

“All PAN-OS software updates for this issue are expected to be released in April 2022. The full fixed versions for PAN-OS hotfixes will be updated in this advisory as soon as they are available.” states Palo Alto Network.

The company is expected to release security fixes for the above vulnerability during the week of April 18.

According to Palo Alto, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a flawed version of the OpenSSL library, while Prisma Cloud and Cortex XSOAR solutions are not impacted.

Below is the product status shared by Palo Alto Networks:

VersionsAffectedUnaffected
Cortex XDR Agentall
Cortex XSOARNoneall
GlobalProtect Appall
PAN-OS 10.2< 10.2.1>= 10.2.1
PAN-OS 10.1< 10.1.5-hf>= 10.1.5-hf
PAN-OS 10.0< 10.0.10>= 10.0.10
PAN-OS 9.1< 9.1.13-hf>= 9.1.13-hf
PAN-OS 9.0< 9.0.16-hf>= 9.0.16-hf
PAN-OS 8.1< 8.1.23>= 8.1.23
Prisma Access 3.0Preferred, Innovation
Prisma Access 2.2Preferred
Prisma Access 2.1Preferred, Innovation
Prisma CloudNoneall

“We intend to fix this issue in the following releases: PAN-OS 8.1.23, PAN-OS 9.0.16-hf, PAN-OS 9.1.13-hf, PAN-OS 10.0.10, PAN-OS 10.1.5-hf, PAN-OS 10.2.1, and all later PAN-OS versions. These updates are expected to be available during the week of April 18, 2022.” continues the advisory.

Waiting for PAN-OS security patches, the vendor states that customers with Threat Prevention subscriptions can enable Threat IDs 92409 and 92411 to reduce the risk of exploitation for this issue.

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]