A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated malicious user to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
Vulnerable Product |
---|
paloaltonetworks pan-os 10.2.7 |
paloaltonetworks pan-os 10.2.2 |
paloaltonetworks pan-os 10.2.6 |
paloaltonetworks pan-os 10.2.5 |
paloaltonetworks pan-os 10.2.3 |
paloaltonetworks pan-os 10.2.4 |
paloaltonetworks pan-os 10.2.1 |
paloaltonetworks pan-os 10.2.0 |
paloaltonetworks pan-os 10.2.9 |
paloaltonetworks pan-os 11.1.1 |
paloaltonetworks pan-os 11.0.2 |
paloaltonetworks pan-os 11.1.0 |
paloaltonetworks pan-os 11.1.2 |
paloaltonetworks pan-os 11.0.4 |
paloaltonetworks pan-os 11.0.3 |
paloaltonetworks pan-os 11.0.0 |
paloaltonetworks pan-os 11.0.1 |
paloaltonetworks pan-os 10.2.8 |
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks
By Bill Toulas, April 19, 2024 11:27 AM
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024. CVE-2024-3400 is a critical vulnerability impacting specific Palo Alto Networks' PAN-OS versions in the GlobalProtect feature that allows unauth...

Exploit released for Palo Alto PAN-OS bug used in attacks, patch now
By Sergiu Gatlan, April 16, 2024 02:36 PM
Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as root via command injection in low-complexity attacks on vulnerable PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls if the device telemet...

Palo Alto Networks fixes zero-day exploited to backdoor firewalls
By Sergiu Gatlan, April 15, 2024 08:59 AM
Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls. This maximum severity security flaw (CVE-2024-3400) affects PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with device telemetry and GlobalProtect (gateway or portal) enabled. Unauthenticated threat actors can exploit it r...

Palo Alto Networks zero-day exploited since March to backdoor firewalls
By Lawrence Abrams, April 13, 2024 08:35 AM
Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. Palo Alto Networks warned yesterday that hackers were actively exploiting an unauthenticated remote code execution vulnerability in its PAN-OS ...

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks
By Bill Toulas, April 12, 2024 09:28 AM
Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. "Palo Alto Networks is aware of a limited number of attacks that leverage the exploitation of this vulnerability," warns the Palo Alto security bulletin. The flaw, which has been discovered by Volexity and is tracked as CVE-2024-3400, i...

Out of the PAN-OS and into the firewall, a Python backdoor this way comes
Palo Alto Networks on Friday issued a critical alert for an under-attack vulnerability in the PAN-OS software used in its firewall-slash-VPN products. The command-injection flaw, with an unwelcome top CVSS severity score of 10 out of 10, may let an unauthenticated attacker execute remote code with root privileges on an affected gateway, which to put it mildly is not ideal. It can, essentially, be exploited to take complete control of equipment and drill into victims' networks. Updates to fully f...

Race on to patch as researchers warn of mass exploitation of directory traversal bug
Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways. The PoCs started rolling out just a day after the vendor began releasing hotfixes for the issue on Monday. Researchers have echoed previous warnings about how easy the vulnerability is to use in attacks, and said that many organizations could be compromised as a result. Cybersecurity biz watchTowr Labs was the first to rele...