CVE-2021-3064

CRITICAL

Palo Alto Networks <8.1.17 - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-3064. PoCs published by 0xhaggis.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-3064, a buffer overflow vulnerability in Palo Alto Pan-OS 8.x. The exploit leverages ROP (Return-Oriented Programming) and shellcode execution to achieve remote code execution (RCE) on vulnerable systems.

Description

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.

Exploits (1)

nomisec WORKING POC 1 stars
by 0xhaggis · poc
https://github.com/0xhaggis/CVE-2021-3064

This repository contains a functional exploit for CVE-2021-3064, a buffer overflow vulnerability in Palo Alto Pan-OS 8.x. The exploit leverages ROP (Return-Oriented Programming) and shellcode execution to achieve remote code execution (RCE) on vulnerable systems.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Palo Alto Pan-OS 8.1.1 - 8.1.16
No auth needed
Prerequisites: Network access to the target system · Vulnerable version of Pan-OS
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://security.paloaltonetworks.com/CVE-2021-3064

Scores

CVSS v3 9.8
EPSS 0.1909
EPSS Percentile 97.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-121 CWE-787
Status published
Products (1)
paloaltonetworks/pan-os 8.1.0 - 8.1.17
Published Nov 10, 2021
Tracked Since Feb 18, 2026