A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection.
This issue impacts:
PAN-OS 8.1 versions earlier than 8.1.17;
PAN-OS 9.0 versions earlier than 9.0.11;
PAN-OS 9.1 versions earlier than 9.1.5;
All versions of PAN-OS 7.1 and PAN-OS 8.0.