Paloaltonetworks CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Paloaltonetworks CVE published 2017-01-27

CVE-2017-5329

CVE-2017-5329 is a local privilege-escalation flaw in Palo Alto Networks Terminal Services Agent. NVD describes the issue as an out-of-bounds write (CWE-787) affecting versions before 7.0.7, with the vulnerable range shown as through 7.0.6. Because the attack is local, requires low privileges, and needs no user interaction, the practical risk is highest on systems where untrusted local users or code can r [truncated]

HIGH Paloaltonetworks CVE published 2017-01-27

CVE-2017-5328

CVE-2017-5328 is a high-severity vulnerability in Palo Alto Networks Terminal Services Agent. According to the NVD record, versions before 7.0.7 are affected, and attackers may be able to spoof arbitrary users through unspecified vectors. The supplied NVD data rates the issue CVSS 7.5 (HIGH) with network attack complexity low and no user interaction required.