Monday , July 13 2026
palo alto

Palo Alto network shared latest remediation of CVE-2024-3400

Palo Alto Networks has given urgent advice to the remediation of a critical vulnerability, known as CVE-2024-3400, which attackers have used to get unauthorized access.

The cybersecurity company has provided clear steps for organizations to reduce the risks of this breach and protect their networks from future attacks.

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh
Environment:
Palo Alto Firewalls
PAN-OS 10.2.x, 11.0.x, 11.1.x (Refer to the Palo Alto Networks Security Advisory for the affected versions)
CVE-2024-3400
GlobalProtect

Procedure:

Level 0 Probe: Unsuccessful exploitation attempt
Suggested Remediation: Update to the latest PAN-OS hotfix.
As best practice to secure running-configs, create a master key and elect AES-256-GCM.
Reason for suggested remediation: PAN-OS hotfixes sufficiently fix the vulnerability. Private Data reset or Factory reset is not suggested as there is no indication of a compromise.

Level 1 Test:
Vulnerability being tested on the device, a 0-byte file has been created and is resident on the firewall, no indication of any known unauthorized command execution.
Suggested Remediation: Update to the latest PAN-OS hotfix.
As best practice to secure running-configs, create a master key and elect AES-256-GCM.
Reason for suggested remediation: PAN-OS hotfixes sufficiently fix the vulnerability. Private data reset or factory reset is not suggested as there is no indication of any known unauthorized command execution or exfiltration of files.

Level 2 Potential Exfiltration:
A file on the device has been copied to a location accessible via a web request, though the file may or may not have been subsequently downloaded. Typically, the file we have observed being copied is running_config.xml. The suggested remediation will eliminate the possibility of capturing forensic artifacts.
Suggested Remediation: Update to the latest PAN-OS hotfix and perform a Private Data Reset
How To Perform Private Data Reset and Factory Reset as part of CVE-2024-3400 Level 2 and Level 3 Remediation
Reason for suggested remediation: Performing a private data reset eliminates risks of potential misuse of device data.

Level 3 Interactive access:
Interactive command execution: May include shell-based back doors, introduction of code, pulling files, running commands. The suggested remediation will eliminate the possibility of capturing Forensic Artifacts.
Suggested Remediation: Update to the latest PAN-OS hotfix and perform a Factory Reset
How to Perform Private Data Reset and Factory Reset as part of CVE-2024-3400 Level 2 and Level 3 Remediation
Reason for suggested remediation: A factory reset is recommended due to evidence of more invasive threat actor activity.

Palo Alto Networks has highlighted the importance of regular security audits and advanced threat detection tools to find and prevent vulnerabilities from being exploited.

Check Also

CLI

Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s …