Rewterz Threat Advisory – CVE-2022-0022 – Palo Alto Networks PAN-OS Vulnerability

Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs

March 14, 2022

Rewterz Threat Alert – CaddyWipper Ransomware – Active IOCs

March 15, 2022

Rewterz Threat Advisory – CVE-2022-0022 – Palo Alto Networks PAN-OS Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-0022

Palo Alto Networks PAN-OS could allow a local authenticated attacker to obtain sensitive information, caused by the use of a weak cryptographic algorithm. By utilize password cracking attack techniques against accounts in normal (non-FIPS-CC) operational mode, an attacker could exploit this vulnerability to obtain password information, and use this information to launch further attacks against the affected system.

Impact

Information Disclosure

Indicators Of Compromise

CVE

CVE-2022-0022

Affected Vendors

Palo Alto

Affected Products

Palo Alto Networks PAN-OS 9.0.0
Palo Alto Networks PAN-OS 8.1
Palo Alto Networks PAN-OS 9.1.0
Palo Alto Networks PAN-OS 10.0

Remediation

Refer to Palo Alto Networks Security Advisories for patch, upgrade or suggested workaround information.

Palo Alto Networks Security Advisories

Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs

Rewterz Threat Alert – CaddyWipper Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2022-0022 – Palo Alto Networks PAN-OS Vulnerability

Severity

Analysis Summary

CVE-2022-0022

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan