Palo Alto Networks working to address attempted reflected, amplified DDoS attacks

California-based cybersecurity firm Palo Alto Networks said it recently learned that a service provider has identified an attempted reflected denial-of-services attack that took advantage of susceptible firewalls from several vendors, according to Security Week. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target, the firm explained. Palo Alto said the vulnerability, tracked as CVE-2022-0028, exists due to a misconfiguration in the URL filtering policy of its PAN OS, the platform powering the firm's next-gen firewalls, which permits a network-based attacker to carry out amplified and reflected TCP DoS attacks. The firm has so far addressed the vulnerability in PAN-OS 10.1 by rolling out platform version 10.1.6-h6. The company expects to release patches for PAN-OS 8.1, 9.0, 9.1, 10.0, and 10.2 next week. The Cybersecurity and Infrastructure Security Agency issued a warning about the vulnerability, and urged users and administrators to apply the available workarounds and patches.