Critical Vulnerabilities Disclosed in Palo Alto Networks PAN-OS Software

Severity: High (Score: 72.9)

Sources: www.picussecurity.com, nvd.nist.gov

Summary

On November 18, 2024, Palo Alto Networks disclosed two critical vulnerabilities in PAN-OS: CVE-2024-0012 and CVE-2024-9474. CVE-2024-0012 is an authentication bypass vulnerability that allows unauthenticated attackers to gain administrator privileges via the management web interface. CVE-2024-9474 is a privilege escalation vulnerability that enables authenticated users to execute commands with root privileges. Both vulnerabilities can be exploited together, posing a significant risk to organizations using affected PAN-OS versions. The vulnerabilities affect PAN-OS versions earlier than 11.2.4-h1, 11.1.5-h1, 11.0.6-h1, and 10.2.12-h2. Organizations are urged to patch their systems immediately to mitigate the risks. The vulnerabilities have been actively exploited in the wild, emphasizing the urgency of remediation. Security professionals should refer to CISA's guidance for further recommendations.

Key Points:

  • CVE-2024-0012 allows unauthenticated access to PAN-OS administrator privileges.
  • CVE-2024-9474 enables privilege escalation for authenticated users on PAN-OS.
  • Both vulnerabilities are actively exploited and require immediate patching.

Key Entities

  • Zero-day Exploit (attack_type)
  • Operation Lunar Peek (campaign)
  • Palo Alto Networks Web Attack Campaign (campaign)
  • Citrix Bleed (campaign)
  • Palo Alto Networks (company)
  • CVE-2024-0012 (cve)
  • CVE-2024-9474 (cve)
  • CWE-269 - Improper Privilege Management (cwe)
  • CWE-287 - Improper Authentication (cwe)
  • CWE-306 - Missing Authentication for Critical Function (cwe)
  • CWE-78 - OS Command Injection (cwe)
  • T1068 - Exploitation for Privilege Escalation (mitre_attack)
  • T1190 - Exploit Public-Facing Application (mitre_attack)
  • T1505.003 - Web Shell (mitre_attack)
  • Cloud NGFW (platform)
  • PAN-OS (platform)
  • Prisma Access (platform)
  • 3C5F9034C86CB1952AA5BB07B4F77CE7D8BB5CC9FE5C029A32C72ADC7E814668 (sha256)
  • Follina (vulnerability)
  • Pots And Pans (vulnerability)
  • RegreSSHion (vulnerability)