April 11, 2024 at 06:12AM
Palo Alto Networks’ recent updates for PAN-OS operating system patch multiple high-severity vulnerabilities, including flaws that can lead to firewall disruptions. The vulnerabilities, like CVE-2024-3385, can be exploited for denial-of-service (DoS) attacks, impacting specific models and configuration settings. The company has also addressed medium-severity issues in various products, including Panorama Software. No malicious exploitation of these vulnerabilities has been reported.
Based on the meeting notes:
– Palo Alto Networks recently released updates for its PAN-OS operating system, patching several vulnerabilities, including high-severity flaws that can be exploited to disrupt firewalls.
– Three high-severity vulnerabilities have been identified, enabling denial-of-service (DoS) attacks. These include CVE-2024-3385, which can cause hardware-based firewalls to reboot using specially crafted packets while impacting specific firewall models and configurations. Similar impacts are also associated with CVE-2024-3384 and CVE-2024-3382, with the latter affecting devices with the SSL Forward Proxy feature enabled.
– There’s also a high-severity vulnerability related to the processing of data from Cloud Identity Engine (CIE) agents, potentially allowing the modification of User-ID groups and impacting user access to network resources.
– Additionally, Palo Alto Networks has addressed several medium-severity issues in PAN-OS and Panorama Software related to decryption exclusions, user impersonation, and third-party open-source components, as well as a security issue enabling man-in-the-middle attacks and capture of encrypted traffic in Panorama Software.
It’s noted that Palo Alto Networks is not aware of any malicious exploitation of these vulnerabilities at this time.