Palo Alto Networks released hotfixes to fix a serious security flaw in PAN-OS software, being actively exploited. The CVE-2024-3400 vulnerability has a critical CVSS score of 10.0. It is a command injection flaw in the globalProtect feature that allows an unauthenticated attacker to run any code with root privileges on the firewall.
Fixes for the shortcoming are available in the following versions –
By infosecbulletin
/ Monday , May 13 2024
The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and...
Read More
By infosecbulletin
/ Monday , May 13 2024
Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its...
Read More
By infosecbulletin
/ Sunday , May 12 2024
Indian government websites have been used by scammers to place ads that send visitors to online betting sites. TechCrunch found...
Read More
By infosecbulletin
/ Sunday , May 12 2024
Ransomware damage costs are predicted to exceed $265 billion by 2031, and it is expected to be the fastest growing...
Read More
By infosecbulletin
/ Saturday , May 11 2024
CISA, FBI, HHS, and MS-ISAC released a joint Cybersecurity Advisory called #StopRansomware: Black Basta. It provides tactics, techniques, procedures, and...
Read More
By infosecbulletin
/ Saturday , May 11 2024
According to cybersecurity analysts at Dragos, while cloud adoption offers many benefits for industrial companies , it also poses certain...
Read More
By infosecbulletin
/ Friday , May 10 2024
Google released an urgent security update for Chrome browser. The update fixes a critical vulnerability that is already being exploited...
Read More
By infosecbulletin
/ Friday , May 10 2024
A security breach has been reported, with a threat actor claiming to be selling a database with 49 million customer...
Read More
By infosecbulletin
/ Thursday , May 9 2024
Eclypsium recently found flaws in F5’s BIG-IP Next Central Manager, which could let attackers take control of the network. BIG-IP...
Read More
By infosecbulletin
/ Wednesday , May 8 2024
he UK government confirmed that hackers recently broke into the country's Ministry of Defence and accessed part of the Armed...
Read More
PAN-OS 10.2.9-h1
PAN-OS 11.0.4-h1, and
PAN-OS 11.1.2-h3
“This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both) and device telemetry enabled,” the company clarified in its updated advisory.
Cloud NGFW firewalls are not impacted by CVE-2024-3400. However, specific PAN-OS versions and feature configurations of firewall VMs managed by customers in the cloud are affected.
Palo Alto Networks Unit 42 is tracking the malicious activity under the name Operation MidnightEclipse.
Volexity attributed the activity to a group called UTA0218, and stated that CVE-2024-3400 has been used since at least March 26, 2024, to deploy a Python-based backdoor named UPSTYLE on the firewall, enabling the execution of commands through specially crafted requests.