Critical Command Injection Vulnerability in Some Versions of Palo Alto PAN-OS [CVE-2024-3400] – April 12, 2024

Jessica

On April 12, 2024, Palo Alto Networks warned that a critical vulnerability in the PAN-OS software used in their GlobalProtect Gateways was being actively exploited. The flaw is a command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS; on specific PAN-OS versions with distinct feature configurations, it may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.

Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. These are the only versions of PAN-OS impacted by this vulnerability. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted.

Status

This vulnerability has been issued a CVSS score of 10. Research is underway to determine whether Bitsight can detect this vulnerability. See the resource center.

References

NIST, "CVE-2024-3400 Detail"
Palo Alto Networks, "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect Gateway"
The Hacker News, "Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack"