Palo Alto has warned on 13 April 2024 that hackers were actively exploiting an unauthenticated remote code execution vulnerability in their PAN-OS firewall software (tracked as CVE-2024-3400) since 26 March 2024. This critical vulnerability can allow hackers to use compromised devices to breach internal networks, steal data and credentials. Patches for this critical vulnerability have been available since 14 April 2024. It is strongly recommended for users and administrators of affected versions to immediately upgrade to the latest version. This vulnerability affects the following products:
Palo Alto Networks decided to disclose this flaw and release mitigations earlier as the flaw was being used in attacks. They also released mitigations so that customers could protect their devices until patches were complete. Volexity has provided a method to detect if a Palo Alto Networks firewall has been compromised:
More information is available here: https://security.paloaltonetworks.com/CVE-2024-3400 https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/device-telemetry/device-telemetry-configure/device-telemetry-disable https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ Comments are closed.
|
Archives
June 2024
Categories
All
|
© 2021, TAFA HOLDINGS (S) PTE LTD. ALL RIGHTS RESERVED
|