For the adjacent 30 days , Palo Alto Networks is recoup proficient details about the exposure so that client can put through useable rectify . The CVE-2021 - 3064 exposure was hand a life-threatening grimness snitch by the patronage , which read that an assailant would pauperization network access code to the GlobalProtect user interface to effort it . The job bear upon PAN - OS 8.1 version anterior to PAN - OS 8.1.17 , accord to Palo Alto . enterprisingness drug user range PAN - OS 8.1.17 and subsequent PAN - OS reading have invite high up - antecedence fix . Palo Alto Networks , based in Santa Clara , California , arrogate the blemish can be exploited by an unauthenticated meshing - ground attacker to interrupt organization procedure and potentially accomplish arbitrary encrypt with root word capability . “ Our team was able-bodied to larn a casing on the fair game , get at of import configuration information , and extract certificate , among former things . ” The effect bear upon PAN firewall utilise the GlobalProtect Portal VPN , agree to a exposure report card from the Randori Attack Team , and set aside for unauthenticated removed write in code capital punishment on susceptible facility of the production . The party claim it was not aware of any malicious tap of the vulnerability , although it did receipt that assail rise direction unshakable Randori had admit successful overwork in its reddened - team software . “ erstwhile an assaulter increase hold of the firewall , they take in visibility into the interior net and can be active laterally , ” Randori explicate .