Alert
Criminals are attacking Paloalto Networks firewalls around the world, exploiting a critical vulnerability that received the highest possible severity rating from CVSS, a score of 10 out of 10.
The flaw applies to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with GlobalProtect gateway and device telemetry settings enabled.
A quick look at Paloalto's firewalls exposed on the internet shows the public exposure of the service in a park of more than 40 thousand assets on the Internet.
NetSensor clients
Companies using NetSensor Magic and HackNet technologies are protected against criminals who are seeking targets on the internet with Paloalto's Firewall exposed.
NetSensor technologies bring invisibility to the IT structure that is being protected, preventing services and their respective vulnerabilities from being located, even if they are present and exposed on the internet.
About Vulnerability
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations could allow an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
The vulnerability was disclosed by Paloalto yesterday, 04/12/2024 and received the CVE CVE-2024-3400.
The degree of severity assigned to the flaw was 10, which is the maximum score in the CVSS vulnerability classification system.
The flaw applies to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with GlobalProtect gateway and device telemetry settings enabled.
Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and expected to be released by April 14, 2024. Cloud NGFW, Panorama, and Prisma Access devices are not affected by this vulnerability. All other versions of PAN-OS will also not be affected.
Information released by Paloalto:
Read too: