Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 CVSS score: 10.0, could be weaponized to obtain unauthenticated remote shell command execution o...

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 CVSS score: 10.0, as "intricate" and a combination of two bugs in...

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation...

PT-2024-2752

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS 10.2 Palo Alto Networks PAN-OS 11.0 Palo Alto Networks PAN-OS 11.1 Description A command injection issue exists in the GlobalProtect feature of Palo Alto Networks PAN-OS software. The flaw stems from an arbitrary file...