Palo Alto Updates Remediation for Max-Critical Firewall Bug

April 26, 2024 at 04:05PM Palo Alto Networks shares important update on a critical vulnerability (CVE-2024-3400) with a severity score of 10/10. Exploitable on PAN-OS 10.2, 11.0, and 11.1, the flaw allows unauthenticated threat actors to execute arbitrary code. PAN recommends upgrading to fixed PAN-OS versions and taking specific actions based on suspected activity for … Read more

Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack

April 26, 2024 at 07:00AM Palo Alto Networks has issued guidance for mitigating a critical security flaw in PAN-OS, identified as CVE-2024-3400, which allows unauthenticated remote command execution. The flaw has been actively exploited as a zero-day by a potentially state-backed hacking group. Remediation advice varies depending on the level of compromise, including updating to … Read more

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls

April 25, 2024 at 10:15AM Palo Alto Networks shared remediation instructions for organizations affected by the CVE-2024-3400 firewall vulnerability. They advise updating to the latest PAN-OS hotfix for unsuccessful exploitation attempts. Companies detecting potential exfiltration or interactive command execution should perform private data resets and factory resets, respectively. The zero-day exploit has seen increasing exploitation … Read more

Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug

April 23, 2024 at 04:59PM Siemens urges organizations using Ruggedcom APE1808 devices configured with Palo Alto Networks Virtual NGFW to address a critical zero-day bug, CVE-2024-3400, recently disclosed by PAN. The vulnerability allows for command injection and has been exploited by deploying a Python backdoor on affected firewalls. Siemens is working on updates and recommends … Read more

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability

April 23, 2024 at 06:57AM A recently disclosed Palo Alto Networks firewall vulnerability (CVE-2024-3400) has been exploited for at least a month, impacting Siemens’ Ruggedcom APE1808 devices. Siemens is preparing updates and providing workarounds. The vulnerability has been exploited in the wild, and there are concerns about state-sponsored threat actors. The Shadowserver Foundation has identified … Read more

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability 

April 22, 2024 at 08:03AM Palo Alto Networks disclosed a critical vulnerability (CVE-2024-3400) affecting 6,000 internet-accessible firewalls, allowing unauthenticated remote code execution. Exploited by threat actors, the flaw affected GlobalProtect in PAN-OS devices, leading to sensitive data theft and malware deployment. Mitigations initially included disabling device telemetry, but the vendor later released patches effectively eliminating … Read more

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

April 20, 2024 at 01:57AM Palo Alto Networks has disclosed a critical security flaw, CVE-2024-3400, in PAN-OS being actively exploited by threat actors. The flaw allows unauthenticated remote shell command execution via a two-stage attack. The company has expanded patches to cover affected software versions and recommends applying hotfixes to mitigate potential threats. CISA has … Read more

22,500 Palo Alto firewalls “possibly vulnerable” to ongoing attacks

April 19, 2024 at 11:30AM Around 22,500 Palo Alto GlobalProtect firewall devices are likely vulnerable to the critical CVE-2024-3400 flaw, which allows unauthenticated attackers to execute commands with root privileges. Palo Alto Networks released patches between April 14-18, 2024, addressing the vulnerability. Threat actors have actively exploited the flaw, with many unpatched systems remaining possibly … Read more

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release

April 17, 2024 at 07:19AM A recently disclosed vulnerability in Palo Alto Networks firewall, tracked as CVE-2024-3400, is under increasing exploitation after proof-of-concept code was made available. The flaw enables attackers to execute arbitrary code with root privileges on affected firewalls. Various threat intelligence companies have been tracking the attacks, with patches and mitigations being … Read more

Palo Alto Networks fixes zero-day exploited to backdoor firewalls

April 15, 2024 at 09:04AM Palo Alto Networks is addressing a zero-day vulnerability that has been exploited since March 26th to backdoor PAN-OS firewalls. The flaw affects certain firewalls and can be exploited remotely to gain root code execution. Hotfixes have been released, and additional security measures are available. The active exploitation has been confirmed … Read more