Palo Alto Networks has informed customers about an information exposure vulnerability in Palo Alto Networks Cortex XDR agent (PAN-SA-2022-0001). An attacker could exploit this vulnerability to  take control of an affected system.

The company has also informed customers about a denial-of-service (DoS) vulnerability (CVE-2022-0023) affecting the DNS proxy feature in its PAN-OS software. An attacker can use specially crafted traffic to disrupt affected firewalls. Patches are available for all supported versions of PAN-OS.

Palo Alto has also released an advisory for denial-of-service (DoS) vulnerability (CVE-2022-0778 ) in OpenSSL library that impact PAN-OS, GlobalProtect app, and Cortex XDR agent software.

More information on vulnerabilities and updates is available in Palo Alto Networks security advisories – paloaltonetworks.com.