CVE-2019-1581

CRITICAL

PAN-OS <7.1.24-h1, 7.1.25; 8.0 <8.0.19-h1, 8.0.20; 8.1 <8.1.9-h4, 8...

Title source: llm

Description

A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4.

References (1)

Core 1

Core References

Various Sources x_refsource_confirm

https://security.paloaltonetworks.com/CVE-2019-1581

Scores

CVSS v3 9.8

EPSS 0.0269

EPSS Percentile 86.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-78 CWE-20

Status published

Products (1)

paloaltonetworks/pan-os < 7.1.24

Published Aug 23, 2019

Tracked Since Feb 18, 2026