Published: 14/11/2024 Updated: 24/01/2025

Unauthenticated DoS Vulnerability in Palo Alto Networks PAN-OS GlobalProtect

A null pointer dereference vulnerability is found in the GlobalProtect gateway of Palo Alto Networks PAN-OS software. An attacker, without authentication, can exploit this by sending a special packet. This action stops the GlobalProtect service, causing a denial of service (DoS). If the attacker repeats this, the firewall will go into maintenance mode.

This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
paloaltonetworks pan-os 11.1.4
paloaltonetworks pan-os 11.1.3
paloaltonetworks pan-os 11.1.2
paloaltonetworks pan-os 11.1.1
paloaltonetworks pan-os 11.1.0
paloaltonetworks pan-os 11.1
paloaltonetworks pan-os 11.0.5
paloaltonetworks pan-os 11.0.4
paloaltonetworks pan-os 11.0.3
paloaltonetworks pan-os 11.0.2
paloaltonetworks pan-os 11.0.1
paloaltonetworks pan-os 11.0.0
paloaltonetworks pan-os 11.0
paloaltonetworks pan-os 10.2.10
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.6
paloaltonetworks pan-os 10.2.5
paloaltonetworks pan-os 10.2.4
paloaltonetworks pan-os 10.2.3
paloaltonetworks pan-os 10.2.2
paloaltonetworks pan-os 10.2.1
paloaltonetworks pan-os 10.2.0
paloaltonetworks pan-os 10.2
palo alto networks cloud ngfw
palo alto networks pan-os
palo alto networks prisma access
paloaltonetworks pan-os

Critical Infrastructure Sectors: Energy

List of stories removed from the Hacker News Front Page, updated in real time.

UPDATE (February 4, 2024): This is the discussion about this project on HN: here Please specifically read @dang's comment regarding the core assumption of this project: here On a personal note, the number of Stories removed yesterday (Saturday, February 3, 2024) was the lowest ever recorded by the service This includes 2 duplicate Stories As a side note, in the list al

CWE-476 CWE-476 https://nvd.nist.gov https://github.com/vitoplantamura/HackerNewsRemovals https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-02 https://www.first.org/epss https://security.paloaltonetworks.com/CVE-2024-2550

CVE-2024-2550

Vulnerability Summary

Solution

Vulnerability Trend

ICS Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect