Palo Alto Networks is warning that a critical flaw impacting its PAN-OS application made use of in its GlobalProtect gateways is becoming exploited in the wild.
Tracked as CVE-2024-3400, the issue has a CVSS score of 10., indicating maximum severity.
“A command injection vulnerability in the GlobalProtect aspect of Palo Alto Networks PAN-OS computer software for distinct PAN-OS versions and unique attribute configurations may possibly permit an unauthenticated attacker to execute arbitrary code with root privileges on the firewall,” the business stated in an advisory revealed these days.
The flaw impacts the following variations of PAN-OS, with fixes expected to be released on April 14, 2024 –
- PAN-OS < 11.1.2-h3
- PAN-OS < 11.0.4-h1
- PAN-OS < 10.2.9-h1
The company also said that the issue is applicable only to firewalls that have the configurations for equally GlobalProtect gateway (Network > GlobalProtect > Gateways) and product telemetry (Unit > Set up > Telemetry) enabled.
Cybersecurity organization Volexity has been credited with getting and reporting the bug.
Whilst there are no other specialized particulars about the character of the attacks, Palo Alto Networks acknowledged that it really is “mindful of a restricted quantity of assaults that leverage the exploitation of this vulnerability.”
In the interim, it truly is recommending customers with a Menace Prevention membership to help Menace ID 95187 to secure against the threat.
The growth comes as Chinese threat actors have more and more relied on zero-day flaws impacting Barracuda Networks, Fortinet, Ivanti, and VMware to breach targets of curiosity and deploy covert backdoors for persistent access.
Uncovered this write-up intriguing? Stick to us on Twitter and LinkedIn to read extra unique material we article.
Some parts of this article are sourced from:
thehackernews.com