Skip to main content

Advisory Type: IT Security
Severity: Critical


PDS is providing the following communication to build awareness of a critical vulnerability and patch availability affecting Palo Alto GlobalProtect Portal and Gateway. 

On November 10, 2021, Palo Alto Networks published Security Advisory CVE-2021-3064 disclosing that a memory corruption vulnerability exists in their GlobalProtect services which an unauthenticated attacker could leverage to potentially execute arbitrary code. 

The issue affects PAN-OS 8.1 versions prior to v8.1.17. 

Other PAN-OS versions and Prisma Access (cloud-based PAN-OS) services are not impacted by this vulnerability. 

We strongly advise customers to review the Palo Alto advisory and upgrade vulnerable systems. PDS Architects are available to assist with the updates, your Account Director can assist in arranging support for this issue.