{"id":43827,"date":"2021-11-10T17:00:00","date_gmt":"2021-11-10T17:00:00","guid":{"rendered":"http:\/\/4ef7efe6-9343-4746-8246-1141ac818a66"},"modified":"2021-11-10T17:00:00","modified_gmt":"2021-11-10T17:00:00","slug":"palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/","title":{"rendered":"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers with cybersecurity firm Randori have <a href=\"https:\/\/www.randori.com\/blog\/cve-2021-3064\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">discovered<\/a> a remote code execution vulnerability in Palo Alto Networks firewalls using the GlobalProtect Portal VPN.&nbsp;<\/p>\n<div class=\"relatedContent alignRight\">\n<h3 class=\"heading\"> <span class=\"int\">ZDNet Recommends<\/span> <\/h3>\n<\/p><\/div>\n<p>The zero-day &#8212; which has a severity rating of 9.8 &#8212;&nbsp;<a href=\"https:\/\/vital.wistia.com\/medias\/ht539sderu\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">allows<\/a> for unauthenticated, remote code execution on vulnerable installations of the product.&nbsp;<\/p>\n<p>The issue affects multiple versions of PAN-OS 8.1 prior to 8.1.17, and Randori said it found numerous vulnerable instances exposed on internet-facing assets, in excess of 70,000 assets. It is used by a number of Fortune 500 companies and other global enterprises.<\/p>\n<p>Palo Alto has released an update that patches CVE-2021-3064 after being notified about the issue in September.&nbsp;<\/p>\n<p>Aaron Portnoy, principal scientist at Randori, told <em>ZDNet<\/em> that the original catalyst for their research into Palo Alto Networks firewalls was identifying its presence on customer perimeters.<\/p>\n<p>&#8220;Once an attacker has control over the firewall, they will have visibility into the internal network and can proceed to move laterally. Randori believes the best way to identify potential points of attack is to assess the attack surface. We then devoted resources into assessing the attack surface of the firewall itself in a lab environment. This process allowed us to identify the components an attacker would have to exploit in order to compromise the device,&#8221; Portnoy explained.<\/p>\n<p>&#8220;As is the case with many closed-source products, simply setting up an environment in which to develop an exploit is challenging. Complex products such as PAN firewalls include protections that make this process difficult regardless of the vulnerability. We have found the overall security posture of the affected devices to be on par with other vendors in the space.&#8221;&nbsp;<\/p>\n<section class=\"sharethrough-top placeholder\"> <\/section>\n<p>Portnoy said that exploitation is difficult but possible on devices with ASLR enabled, which appears to be the case in most hardware devices.&nbsp;<\/p>\n<p>&#8220;On virtualized devices (VM-series firewalls), exploitation is significantly easier due to lack of ASLR, and Randori expects public exploits will surface,&#8221; Portnoy said.&nbsp;<\/p>\n<p>According to Portnoy, in October 2020, his team was tasked with researching vulnerabilities with the GlobalProtect Portal VPN. By November 2020, his team discovered CVE-2021-3064, began authorized exploitation of Randori customers, and successfully landed it at one of their customers &#8212; over the internet &#8212; not just in a lab.<\/p>\n<p>The exploit gains root privileges &#8212; complete control over the device &#8212; and can execute arbitrary code. Portnoy said his team was able to gain a shell on the affected target, access sensitive configuration data, extract credentials and more while moving laterally from there and gaining visibility into the internal network.&nbsp;<\/p>\n<p>Randori exploited Palo Alto Networks PA-5220, including PAN-OS 8.1.16 and PAN-OS 8.1.15.<\/p>\n<p>&#8220;The vulnerability chain consists of a method for bypassing validations made by an external web server (HTTP smuggling) and a stack-based buffer overflow. Exploitation of the vulnerability chain has been proven and allows for remote code execution on both physical and virtual firewall products. Publicly available exploit code does not exist at this time,&#8221; Randori said.<\/p>\n<p>&#8220;VPN devices are attractive targets for malicious actors, and exploitation of PA-VM virtual devices, in particular, is made easier due to their lack of Address Space Layout Randomization (ASLR). CVE-2021-3064 is a buffer overflow that occurs while parsing user-supplied input into a fixed-length location on the stack. The problematic code is not reachable externally without utilizing an HTTP smuggling technique. The exploitation of these together yields remote code execution as a low privileged user on the firewall device.&#8221;<\/p>\n<p>Randori noted that in order to exploit the vulnerability, the attacker must have network access to the device on the global protect service port (default port 443). As the affected product is a VPN portal, they added that this port is often accessible over the internet.&nbsp;<\/p>\n<p>In addition to the patch, Randori suggested affected organizations look through the available Threat Prevention signatures 91820 and 91855 that Palo Alto Networks made available. They can be enabled to thwart exploitation while organizations plan for the software upgrade. For those that do not use the VPN capability as part of the firewall, Randori recommended disabling the VPN functionality.<\/p>\n<p>Portnoy and Randori touted the situation as an example of the ethical use of zero-days to protect companies from the kind of threats they face from nation-state actors. Portnoy estimates that the vulnerability would be worth several hundred thousand dollars on the black market.<\/p>\n<p> READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The issue affects multiple versions of PAN-OS 8.1 prior to 8.1.17 and Randori said it found numerous vulnerable instances exposed on internet-facing assets, in excess of 70,000 assets.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-43827","post","type-post","status-publish","format-standard","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-10T17:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN\",\"datePublished\":\"2021-11-10T17:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/\"},\"wordCount\":726,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/\",\"name\":\"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\",\"datePublished\":\"2021-11-10T17:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage\",\"url\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\",\"contentUrl\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/","og_locale":"en_US","og_type":"article","og_title":"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-11-10T17:00:00+00:00","og_image":[{"url":"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN","datePublished":"2021-11-10T17:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/"},"wordCount":726,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/","url":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/","name":"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","datePublished":"2021-11-10T17:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#primaryimage","url":"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","contentUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/22fcfbadd9e888cb4ee02d5252507096671365f6\/2021\/06\/22\/679b7fab-3a40-4090-ae02-101c853b8cdf\/critical-cybersecurity-vulnerabilities.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/palo-alto-networks-patches-zero-day-affecting-firewalls-using-globalprotect-portal-vpn\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/43827","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=43827"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/43827\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=43827"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=43827"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=43827"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}