Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

Cyber Security

Products You May Like

Apr 12, 2024NewsroomNetwork Security / Zero-Day

Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wild.

Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity.

“A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall,” the company said in an advisory published today.

The flaw impacts the following versions of PAN-OS, with fixes expected to be released on April 14, 2024 –

  • PAN-OS < 11.1.2-h3
  • PAN-OS < 11.0.4-h1
  • PAN-OS < 10.2.9-h1

The company also said that the issue is applicable only to firewalls that have the configurations for both GlobalProtect gateway (Network > GlobalProtect > Gateways) and device telemetry (Device > Setup > Telemetry) enabled.

Cybersecurity

Threat intelligence and incident response company Volexity has been credited with discovering and reporting the bug.

While there are no other ttechnical details about the nature of the intrusions or the identity of threat actors behind them, Palo Alto Networks acknowledged that it’s “aware of a limited number of attacks that leverage the exploitation of this vulnerability.”

In the interim, it’s recommending customers with a Threat Prevention subscription to enable Threat ID 95187 to secure against the threat.

The development comes as Chinese threat actors have increasingly relied on zero-day flaws impacting Barracuda Networks, Fortinet, Ivanti, and VMware to breach targets of interest and deploy covert backdoors for persistent access.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Beats Solo Buds, Beats Solo 4 and Beats Pill Launched in India: Price, Specifications
Meta Considers New Mixed Reality Glasses as Headsets Alternative: Report
Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign
Nothing Ear Open Launch Seems Imminent as TWS Earphones Reportedly Spotted on IMDA Website
Scientists Capture First Detailed Images of North Star Polaris’ Surface Revealing Spots

Leave a Reply

Your email address will not be published. Required fields are marked *