Palo Alto Networks Product Security Incident Response Team, PA-CVE-2024-3385
History: Apr 10, 2024 - 4:00 p.m.

PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled

securityadvisories.paloaltonetworks.com
Tags: pan-os, firewall, denial of service, gtp security, reboot, maintenance mode, remote attacker, threat prevention, threat id 94993, pa-5400 series, pa-7000 series

AI Score: 7.1 High (Confidence: Low)

EPSS: 0.0004 Low (Percentile: 8.7%)

A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.

This affects the following hardware firewall models:

  • PA-5400 Series firewalls
  • PA-7000 Series firewalls

Workaround:
Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).
