July 11, 2024 at 11:49AM
Palo Alto Networks has released security updates to address several vulnerabilities in its products, including a critical bug impacting the Expedition migration tool, allowing an admin account takeover. Another flaw named BlastRADIUS could enable privilege escalation in certain PAN-OS firewall versions. Users are advised to update to the latest versions to mitigate these risks.
Key takeaways from the advisory:
1. Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass.
2. Cataloged as CVE-2024-5910, the vulnerability in the Expedition migration tool could lead to an admin account takeover and impacts all versions of Expedition prior to version 1.2.92.
3. The newly disclosed flaw in the RADIUS protocol called BlastRADIUS (CVE-2024-3596) could allow an attacker to perform an adversary-in-the-middle (AitM) attack between Palo Alto Networks PAN-OS firewall and a RADIUS server to sidestep authentication.
4. The affected products include PAN-OS 11.1, 11.0, 10.2, 10.1, 9.1, and Prisma Access (all versions, with a fix expected to be released on July 30).
5. Workarounds include updating to the latest version of Expedition, restricting network access to authorized users, hosts, or networks, and not using CHAP or PAP unless they are encapsulated by an encrypted tunnel.
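The last workaround is about which RADIUS authentication methods are allowed to cross an unencrypted link between the firewall and the RADIUS server. The following is an added illustration, not code from Palo Alto Networks or from the advisory: a small RFC 2865 RADIUS parser that inspects an Access-Request and flags PAP (User-Password, attribute 2) or CHAP (CHAP-Password, attribute 3) when the caller has not marked the transport as an encrypted tunnel. The sample packets, their identifiers and the all-zero request authenticators are constructed for the demonstration; the `over_encrypted_tunnel` flag is an assumption supplied by the caller (for example from the capture point), not something inferred from the packet.

```python
import struct

# RADIUS packet codes (RFC 2865, section 3)
ACCESS_REQUEST = 1

# Attribute types relevant to the advisory workaround (RFC 2865, section 5)
ATTR_USER_NAME = 1
ATTR_USER_PASSWORD = 2          # carried by PAP
ATTR_CHAP_PASSWORD = 3          # carried by CHAP
ATTR_MESSAGE_AUTHENTICATOR = 80  # RFC 2869, HMAC-MD5 over the packet


def parse_radius(packet: bytes) -> dict:
    """Parse the fixed header and the attribute TLVs of one RADIUS packet.

    Raises ValueError on a malformed packet instead of reading past the
    declared length, so a truncated or hostile datagram cannot confuse the
    classification that follows.
    """
    if len(packet) < 20:
        raise ValueError("packet shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        raise ValueError("declared length %d inconsistent with packet" % length)
    authenticator = packet[4:20]
    attributes = []
    pos = 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = packet[pos], packet[pos + 1]
        # Attribute length includes its own 2-byte header; 0 or 1 is invalid.
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length %d at offset %d" % (alen, pos))
        attributes.append((atype, packet[pos + 2:pos + alen]))
        pos += alen
    return {"code": code, "id": ident, "authenticator": authenticator,
            "attributes": attributes}


def classify_auth_method(attributes) -> str:
    """Return 'PAP', 'CHAP' or 'other' based on which password attribute is present."""
    types = {atype for atype, _ in attributes}
    if ATTR_USER_PASSWORD in types:
        return "PAP"
    if ATTR_CHAP_PASSWORD in types:
        return "CHAP"
    return "other"


def check_access_request(packet: bytes, over_encrypted_tunnel: bool = False) -> list:
    """Return findings for an Access-Request that uses PAP or CHAP over a bare link.

    over_encrypted_tunnel is an assumption the caller provides (e.g. the capture
    was taken inside an IPsec tunnel); the packet itself carries no such marker.
    """
    msg = parse_radius(packet)
    findings = []
    if msg["code"] != ACCESS_REQUEST:
        return findings
    method = classify_auth_method(msg["attributes"])
    if method in ("PAP", "CHAP") and not over_encrypted_tunnel:
        findings.append(
            "%s Access-Request id=%d on an unencrypted transport; advisory workaround: "
            "encapsulate in an encrypted tunnel or do not use %s" % (method, msg["id"], method))
    return findings


def build_radius(code: int, ident: int, attributes) -> bytes:
    """Build a constructed RADIUS packet for the samples below (zero authenticator)."""
    body = b"".join(bytes([atype, 2 + len(value)]) + value for atype, value in attributes)
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    return header + b"\x00" * 16 + body  # constructed: real requests carry 16 random bytes


# Constructed sample packets (not captures from any real deployment).
SAMPLE_PAP = build_radius(ACCESS_REQUEST, 7,
                          [(ATTR_USER_NAME, b"alice"), (ATTR_USER_PASSWORD, b"\x11" * 16)])
SAMPLE_CHAP = build_radius(ACCESS_REQUEST, 8,
                           [(ATTR_USER_NAME, b"bob"), (ATTR_CHAP_PASSWORD, b"\x01" + b"\x22" * 16)])
SAMPLE_OTHER = build_radius(ACCESS_REQUEST, 9,
                            [(ATTR_USER_NAME, b"carol"), (ATTR_MESSAGE_AUTHENTICATOR, b"\x00" * 16)])

if __name__ == "__main__":
    for name, pkt in (("pap", SAMPLE_PAP), ("chap", SAMPLE_CHAP), ("other", SAMPLE_OTHER)):
        print(name, check_access_request(pkt))
    print("pap-in-tunnel", check_access_request(SAMPLE_PAP, over_encrypted_tunnel=True))
```

Run over a capture of the firewall-to-RADIUS leg, a non-empty findings list for a PAP or CHAP request on the bare network is exactly the condition the advisory's workaround asks administrators to remove, either by moving that traffic into an encrypted tunnel or by switching away from those two methods.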