Palo Alto Networks firewalls have UEFI flaws, Secure Boot bypasses

Researchers have discovered that next-generation firewalls from Palo Alto Networks contain years-old known vulnerabilities in their UEFI firmware — a finding that provides yet more evidence of a broader issue with specialized devices today. Increasingly built on commodity hardware, specialty devices share the same UEFI vulnerabilities as general-purpose PCs and laptops, inheriting similarly slow firmware patching cycles.

“We purchased multiple Palo Alto Networks security appliances, expecting a high level of security and resilience,” researchers from firmware security firm Eclypsium wrote in a new report. “Instead, what we found under the hood was commodity hardware, vulnerable software and firmware, and missing security features.”

The researchers tested the PA-3260, PA-1410, and PA-415 models of Palo Alto’s enterprise firewall devices, all of which are fully supported, although the PA-3260 is no longer actively sold. The discovered issues included UEFI vulnerabilities and insecure configurations that have been known for years, and that could be exploited by attackers with root access on the devices to implant malicious code into the low-level firmware or bootloader.

Source: Network World