What coverage can the Palo Alto firewall provide for CVE-2021-41379?

What coverage can the Palo Alto firewall provide for CVE-2021-41379?

1695
Created On 03/08/22 16:26 PM - Last Modified 06/26/25 01:13 AM


Question


What coverages can the Palo Alto firewall provide for CVE-2021-41379?

Environment


  • Palo Alto Networks NGFW (Strata)
  • Supported PAN-OS.
  • CVE-2021-41379.

Answer


CVE-2021-41379:

  1. Windows Installer Elevation of Privilege Vulnerability, also known as CVE-2021-41379, is a locally exploitable vulnerability affecting the Windows Platform.
  2. As this is a local exploit, a network IPS signature would not provide coverage.
  3. Palo Alto networks firewall does provide coverage of some of the malicious samples associated with the CVE-2021-41379 via WildFire and Antivirus package. 
  4. Signature for malicious samples associated with the CVE can be found at ​​​​​https://threatvault.paloaltonetworks.com/?query=451132454

Additional Information
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004NVkCAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language