SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

September 6, 2024 at 01:27PM SonicWall disclosed an actively exploited security flaw in SonicOS, urging immediate patching. The vulnerability (CVE-2024-40766) affects management access and SSLVPN, with potential unauthorized access and firewall crashes. Temporary solutions include restricting firewall management and implementing multi-factor authentication. The flaw’s exploitation in the wild has led to urgent patch recommendations for … Read more

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild

September 6, 2024 at 09:18AM SonicWall warns customers of a potential exploit in a recently patched SonicOS vulnerability (CVE-2024-40766). The vulnerability impacts Gen 5, Gen 6, and Gen 7 firewalls, allowing unauthorized access and possible crashes. They advise immediate patching and password updates to mitigate risks. There are no reports of exploitation yet. Based on … Read more

Palo Alto Updates Remediation for Max-Critical Firewall Bug

April 26, 2024 at 04:05PM Palo Alto Networks shares important update on a critical vulnerability (CVE-2024-3400) with a severity score of 10/10. Exploitable on PAN-OS 10.2, 11.0, and 11.1, the flaw allows unauthenticated threat actors to execute arbitrary code. PAN recommends upgrading to fixed PAN-OS versions and taking specific actions based on suspected activity for … Read more

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability 

April 22, 2024 at 08:03AM Palo Alto Networks disclosed a critical vulnerability (CVE-2024-3400) affecting 6,000 internet-accessible firewalls, allowing unauthenticated remote code execution. Exploited by threat actors, the flaw affected GlobalProtect in PAN-OS devices, leading to sensitive data theft and malware deployment. Mitigations initially included disabling device telemetry, but the vendor later released patches effectively eliminating … Read more

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release

April 17, 2024 at 07:19AM A recently disclosed vulnerability in Palo Alto Networks firewall, tracked as CVE-2024-3400, is under increasing exploitation after proof-of-concept code was made available. The flaw enables attackers to execute arbitrary code with root privileges on affected firewalls. Various threat intelligence companies have been tracking the attacks, with patches and mitigations being … Read more

Palo Alto Networks zero-day exploited since March to backdoor firewalls

April 13, 2024 at 09:01AM Suspected state-sponsored hackers have exploited an unpatched zero-day in Palo Alto Networks firewalls (CVE-2024-3400) since March 26, breaching internal networks to steal data and credentials. Palo Alto Networks released mitigations until the patches were complete. Volexity tracked the malicious activity (UTA0218) and detected the backdoor ‘Upstyle,’ with detailed exploitation methods … Read more

Zero-day exploited right now in Palo Alto Networks’ GlobalProtect gateways

April 12, 2024 at 06:52PM Palo Alto Networks has issued a critical alert for a command-injection flaw in PAN-OS software, affecting firewall and VPN products. The flaw, with a top CVSS severity score, may allow unauthorized code execution. Updates to fix the vulnerability will arrive by April 14. Exploitation by threat actors has been observed, … Read more

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls

April 12, 2024 at 04:48PM A zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks firewalls has been exploited by threat actor ‘UTA0218’ for over two weeks. The issue permits unauthorized execution of code with root privileges. Palo Alto is expected to release patches by April 14. Organizations are urged to take immediate mitigation steps and be … Read more