Palo Alto released a security advisory to address an actively exploited vulnerability, tracked as CVE-2024-3393. The vulnerability impacts Palo Alto Networks software (PAN-OS). Successful exploitation of the vulnerability may lead to a Denial of Service (DoS) attack. “Palo Alto Networks is aware of customers experiencing this Denial of Service (DoS) when their firewall blocks malicious … Continue reading “Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393)”
Tag: Palo Alto
CISA Added Palo Alto Networks Firewall Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-0012 & CVE-2024-9474)
CISA warns about two vulnerabilities being actively exploited, tracked as CVE-2024-0012 and CVE-2024-9474. Both vulnerabilities exist in the PAN-OS web management interface. CISA urged users to patch the vulnerabilities before December 9, 2024. Palo Alto mentioned in the advisory that they know about threat activity that exploits this vulnerability against a limited number of management … Continue reading “CISA Added Palo Alto Networks Firewall Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-0012 & CVE-2024-9474)”
Palo Alto Networks Expedition Multiple Vulnerabilities (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, & CVE-2024-9467)
Palo Alto Networks releases patches to address five security vulnerabilities impacting Palo Alto Networks’ Expedition solution. Successful exploitation may allow attackers to access sensitive data, such as user credentials, to help take over firewall admin accounts. An attacker may also chain the vulnerabilities to hijack PAN-OS firewalls. Palo Alto Networks is unaware of any malicious … Continue reading “Palo Alto Networks Expedition Multiple Vulnerabilities (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, & CVE-2024-9467)”
PAN-OS Buffer overflow vulnerability (CVE-2020-2040)
Within a span of three months, one more critical vulnerability with a score of 10.0 has been observed in PAN-OS devices. When a Captive Portal or Multi-factor authentication interface is enabled on PAN-OS devices, it is considered to be vulnerable to critical buffer overflow vulnerability. This vulnerability is classified as CWE-120 and assigned CVE-2020-2040, on … Continue reading “PAN-OS Buffer overflow vulnerability (CVE-2020-2040)”
Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)
Summary: A critical advisory was released by Palo Alto Networks for PAN-OS. PAN OS is the software that runs all Palo Alto Networks next-generation firewalls. Advisory Link: https://security.paloaltonetworks.com/CVE-2020-2021 Description: Authentication Bypass vulnerability was found in SAML(Security Assertion Markup Language) Authentication. An unauthenticated network-based attacker can access protected resources due to improper verification of signatures in PAN-OS SAML authentication. SAML Workflow SAML … Continue reading “Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)”
Palo Alto Networks Expedition (Migration Tool) Unauthenticated Command Injection Vulnerability
A remote command injection vulnerability has been identified in Palo Alto Expedition (Migration Tool) . Expedition tool is used for moving firewall configurations from another vendor to Palo Alto’s product. It makes the conversion process easier to accomplish. MITRE has assigned CVE-2018-10143 for this vulnerability. Vulnerability Analysis: This vulnerability exists in convertCSVtoParquet.php which accepts user controlled input in a path … Continue reading “Palo Alto Networks Expedition (Migration Tool) Unauthenticated Command Injection Vulnerability”
PAN-OS Remote Root Code Execution : CVE-2017-15944
A remote code execution vulnerability has been discovered in the PAN-OS. The vulnerability has been assigned CVE-2017-15944. By exploiting this vulnerability an attacker can achieve arbitrary code execution in root context. The target is the web based management interface provided by the device for configuration and maintenance. The vulnerable versions are PAN-OS before 6.1.19, 7.0.x before 7.0.19, … Continue reading “PAN-OS Remote Root Code Execution : CVE-2017-15944”