CVE-2021-3060

HIGH

PAN-OS <8.1.20-h1, <9.0.14-h3, <9.1 - Code Injection

Description

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue.

This issue impacts:
PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;
PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;
PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;
PAN-OS 10.0 versions earlier than PAN-OS 10.0.8;
PAN-OS 10.1 versions earlier than PAN-OS 10.1.3.

Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.

Exploits (2)

nomisec WORKING POC 1 stars
by timb-machine-mirrors · poc
https://github.com/timb-machine-mirrors/rqu1-cve-2021-3060.py
nomisec WORKING POC
by anmolksachan · poc
https://github.com/anmolksachan/CVE-2021-3060

Scores

CVSS v3 8.1
EPSS 0.3841
EPSS Percentile 97.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (2)
paloaltonetworks/pan-os 8.1.0 - 8.1.20
paloaltonetworks/prisma_access 2.1 (2 CPE variants)
Published Nov 10, 2021
Tracked Since Feb 18, 2026