September 12, 2024 at 09:36AM
Palo Alto Networks has released patches for numerous vulnerabilities, several of them high-severity, affecting its products, including PAN-OS, Cortex XDR, and Prisma Access Browser. These vulnerabilities allow attackers to execute arbitrary commands, expose sensitive information, and more. The company has also addressed a cleartext credentials exposure in the ActiveMQ Content Pack's integration with Cortex XSOAR and XSIAM, and an agent vulnerability affecting Windows installations. Palo Alto Networks states that it is not aware of in-the-wild exploitation of any of the vulnerabilities specific to its products.
Key takeaways:
– Palo Alto Networks has informed customers about patches for numerous vulnerabilities in its PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser products.
– The most important advisory describes CVE-2024-8686, a high-severity vulnerability in PAN-OS that allows authenticated attackers with admin privileges to bypass system restrictions and run arbitrary commands on the firewall as root.
– The cybersecurity company has also updated its Chromium-based Prisma Access Browser to address 29 vulnerabilities, some with high severity ratings and known exploitation in the wild.
– Several vulnerabilities with medium severity ratings have been addressed, including cleartext exposure of GlobalProtect portal passwords and flaws allowing authenticated admins to read arbitrary files and impersonate GlobalProtect users in PAN-OS.
– An information exposure vulnerability in PAN-OS enables GlobalProtect end users to learn configured passwords and passcodes, allowing them to bypass normal configuration restrictions.
– A cleartext credentials exposure issue has been fixed in the ActiveMQ Content Pack, specific to its integration with Cortex XSOAR and XSIAM.
– A Cortex XDR Agent vulnerability affecting Windows installations allows attackers with admin privileges to disable the agent, which malware could potentially leverage.
– Palo Alto Networks stated that it’s not aware of in-the-wild exploitation for any of the vulnerabilities specific to its products.
– The company also published a bulletin stating that over a dozen vulnerabilities found in open source software over the past decade do not impact its products.
Additionally, Palo Alto Networks has shared remediation advice for hacked firewalls, patched an unauthenticated command execution flaw in Cortex XSOAR, and addressed the BlastRADIUS vulnerability while fixing a critical bug in the Expedition Tool.