Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

April 15, 2024 at 04:21AM Palo Alto Networks has released hotfixes to address a critical security flaw (CVE-2024-3400) in PAN-OS software that is actively exploited. The flaw allows unauthenticated attackers to execute arbitrary code with root privileges on firewalls. This impacts specific PAN-OS versions and cloud-deployed firewall VMs. Threat actors have been leveraging the flaw, … Read more

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

April 13, 2024 at 05:27AM Threat actors have been actively exploiting a critical zero-day flaw (CVE-2024-3400) in Palo Alto Networks PAN-OS software, allowing unauthorized code execution. Dubbed Operation MidnightEclipse, the attack involves creating cron jobs to run commands from an external server, triggering a Python-based backdoor. The actor UTA0218 displays advanced capabilities and likely state-backing. … Read more

Zero-day exploited right now in Palo Alto Networks’ GlobalProtect gateways

April 12, 2024 at 06:52PM Palo Alto Networks has issued a critical alert for a command-injection flaw in PAN-OS software, affecting firewall and VPN products. The flaw, with a top CVSS severity score, may allow unauthorized code execution. Updates to fix the vulnerability will arrive by April 14. Exploitation by threat actors has been observed, … Read more

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

April 12, 2024 at 09:32AM Palo Alto Networks warns of an actively exploited critical command injection vulnerability in PAN-OS firewall, affecting specific versions. The flaw, tracked as CVE-2024-3400, poses significant risk as it allows attackers to execute code with root privileges. Mitigations and temporary fixes are advised until security updates are available to address the … Read more

Palo Alto Networks Warns of Exploited Firewall Vulnerability

April 12, 2024 at 07:36AM Palo Alto Networks warns of a severe OS command injection vulnerability (CVE-2024-3400) in PAN-OS GlobalProtect, allowing arbitrary code execution with root privileges on affected firewalls. Remediation patches are expected by the end of the week. Customers are advised to check and apply mitigations to prevent exploitation. Volexity is credited for … Read more

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

April 12, 2024 at 06:15AM Palo Alto Networks warns of critical flaw (CVE-2024-3400) in GlobalProtect gateways, allowing unauthenticated attackers to execute code with root privileges. Affected PAN-OS versions are < 11.1.2-h3, < 11.0.4-h1, < 10.2.9-h1. Fixes expected on April 14, 2024. Customers advised to enable Threat ID 95187 for protection. Volexity credited with discovery. Chinese ... Read more