CVE-2020-2009

HIGH

Palo Alto Networks PAN-OS <8.1.14, <9.0.7 - RCE

Title source: llm

Description

An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.

References (1)

[Vendor Advisory] https://security.paloaltonetworks.com/CVE-2020-2009

Scores

CVSS v3 7.2

EPSS 0.0152

EPSS Percentile 81.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-610 CWE-73

Status published

Products (1)

paloaltonetworks/pan-os 7.1.0 - 7.1.26

Published May 13, 2020

Tracked Since Feb 18, 2026