CVE-2020-1994

MEDIUM

PAN-OS <8.1.13, <9.0.7 - Local Privilege Escalation

Title source: llm

Description

A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7.

References (1)

[Vendor Advisory] https://security.paloaltonetworks.com/CVE-2020-1994

Scores

CVSS v3 4.1

EPSS 0.0006

EPSS Percentile 17.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-377

Status published

Products (1)

paloaltonetworks/pan-os 7.1.0 - 7.1.26

Published May 13, 2020

Tracked Since Feb 18, 2026