### Overview
Palo Alto Networks has released a security patch for a critical vulnerability in its Expedition Migration Tool, which is used to migrate configurations from other vendors’ firewalls to Palo Alto Networks firewalls. The vulnerability, tracked as CVE-2023-21858, could allow an unauthenticated attacker to execute arbitrary code on a target system.
### Impact
The vulnerability could allow an attacker to:
* Execute arbitrary commands on the target system with root privileges
* Modify or delete configuration files
* Steal sensitive data
* Disrupt the operation of the firewall
### Affected Versions
All versions of the Expedition Migration Tool are affected by this vulnerability.
### Mitigation
Palo Alto Networks has released a security patch that addresses this vulnerability. Users are urged to update their installations of the Expedition Migration Tool as soon as possible.
The patch is available for download from the Palo Alto Networks website:
https://support.paloaltonetworks.com/Updates
### Workarounds
There are no known workarounds for this vulnerability.
### Recommendations
Palo Alto Networks recommends that all users of the Expedition Migration Tool update their installations to the latest version as soon as possible.
### Additional Information
Palo Alto Networks has published a security advisory that provides additional information about this vulnerability:
https://security.paloaltonetworks.com/CVE-2023-21858
### Contact Information
For more information, please contact Palo Alto Networks support:
https://www.paloaltonetworks.com/support
Kind regards
M. Martin