Palo Alto Networks PAN-OS Zero-day Under Active Attack

In Cybersecurity News - Original News Source is by Blog Writer

Post Sharing

In a recent security alert, Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified as CVE-2024-3400.

This zero-day flaw, found in the GlobalProtect Gateway, is currently under active exploitation by attackers. The vulnerability is classified under CWE-77, indicating an improper neutralization of special elements used in a command (‘Command Injection’).

CVE-2024-3400 allows attackers to execute arbitrary OS commands on the affected systems without proper authentication.

This severe security flaw poses a significant risk, as it could enable unauthorized individuals to gain control over the impacted devices, potentially leading to data theft, system compromise, and disruption of operations.


Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by
other email security solutions. .

Palo Alto Networks has acknowledged a limited number of attacks that have successfully exploited this vulnerability. The company is actively working on releasing hotfixes to address the issue across various versions of PAN-OS.

Affected Versions and Hotfix Release Schedule

The following table outlines the affected versions of PAN-OS and the estimated arrival dates for the corresponding hotfix releases:

PAN-OS Version Vulnerable Hotfix Release ETA
10.2.9 Yes 04/14/2024 (10.2.9-h1)
11.0.4 Yes 04/14/2024 (11.0.4-h1)
11.1.2 Yes 04/14/2024 (11.1.2-h3)

Palo Alto Networks has assured its customers that all subsequent versions of PAN-OS following these hotfix releases will include the necessary patches to mitigate the vulnerability.

Recommendations for PAN-OS Users

In light of this critical vulnerability, Palo Alto Networks urges all users of the affected PAN-OS versions to prepare for the upcoming hotfixes. Organizations should plan to apply these updates as soon as they become available to protect their networks from potential attacks.

Additionally, users are advised to monitor their systems for any signs of compromise and implement best cybersecurity hygiene practices. This includes regular system updates, the use of strong, unique passwords, and the implementation of multi-factor authentication where possible.

Palo Alto Networks has recently disclosed four high-severity vulnerabilities, CVE-2024-3382, CVE-2024-3383, and CVE-2024-3384, in its firewall products.

Make sure to stay tuned for further updates on this developing story, and ensure that your systems are promptly updated to safeguard against this significant security threat.

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.