As for what prompted the issue, the corporate mentioned that received’t be detailed “for safety causes.”
“We encourage prospects with particular issues associated to their environments to succeed in out to our help groups, who’re absolutely ready to help,” the assertion mentioned.
The problem got here to gentle after some Palo Alto Networks prospects posted complaints this week on a Reddit forum. “We had 3 of our 8 firewalls unexpectedly reboot prior to now few months,” wrote one particular person. One other Reddit poster mentioned the difficulty solely occurs if the firewall is about to do SSL interception..
“I assume it makes it tougher for the dangerous guys to use the quite a few vulnerabilities if the gadget retains rebooting,” mentioned Johannes Ullrich, dean of analysis on the SANS Institute.
He suspects this can be a bug and never one thing attributable to a particular cyber assault. “Firewalls might reboot in the event that they run low in system sources like reminiscence or are hit with a particular packet that triggers a denial of service situation,” he wrote in an e mail. “Sure, it’s attainable {that a} extra extreme vulnerability, if exploited not fairly accurately, causes this, however I’d guess at this level that this isn’t a particular assault.”
Individually, last month researchers at Eclypsium reported that next-generation firewalls they examined from Palo Alto Networks comprise years-old recognized vulnerabilities of their UEFI firmware. UEFI contains the low-level code chargeable for initializing a pc’s {hardware} earlier than loading the working system put in on the arduous drive.
