Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR

August 15, 2024 at 07:51AM

Palo Alto Networks has released patches for high-severity vulnerabilities in its products, including a command injection issue in Cortex XSOAR that impacts the CommonScripts Pack. Vulnerabilities in the Prisma Access Browser and two medium-severity issues have also been addressed. The company is not aware of any of these vulnerabilities being exploited, but its products have been targeted by attackers in the past.

Key takeaways:

1. Palo Alto Networks has announced patches for vulnerabilities in several of its products, including some with a ‘high severity’ rating.
2. The most important vulnerability, CVE-2024-5914, is a high-severity command injection issue affecting the company’s Cortex XSOAR product, impacting the CommonScripts Pack and allowing an unauthenticated attacker to execute arbitrary commands.
3. Patches for the affected configurations will be included in versions starting with 1.12.33.
4. A separate ‘high severity’ advisory covers vulnerabilities in the Prisma Access Browser, with the latest upstream security fixes addressing over 30 vulnerabilities.
5. Additionally, two medium-severity issues were addressed: CVE-2024-5916, a PAN-OS bug enabling a read-only administrator to access secrets, passwords, and tokens, and CVE-2024-5915, a GlobalProtect app flaw allowing local attackers to escalate privileges.
6. Although no malicious attacks exploiting these vulnerabilities have been reported, past instances of threat actors targeting Palo Alto products have been noted, including the exploitation of a zero-day vulnerability to deploy a backdoor on the company’s firewalls.
