InfoSecBulletin Cybersecurity for mankind
A critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software. It is being used by attackers, but there are no patches to fix it yet. Palo Alto Networks issued an alert on April 12, 2024, thanking cybersecurity firm Volexity for discovering the flaw.
There is a command injection vulnerability in the GlobalProtect feature of Palo Alto Networks’ PAN-OS software for certain versions. The zero-day vulnerability is identified as CVE-2024-3400 and has been given the highest severity score of 10.0 (CVSS).
Samsung phone is saving your passwords in plain text
UK Software Firm Exposed 8 million of Healthcare Worker Records
GitHub Enterprise Server Vulns Expose Risk of Code Execution
CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE
CISA warns of increasing risk tied to Oracle legacy Cloud leak
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
Apple released emergency security updates for 2 zero-day vulns
Oracle Released Patched for 378 flaws for April 2025
“Distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall,” Palo Alto said in the advisory.
Limited Active Exploitation:
The versions concerned are the following:
PAN-OS < 11.1.2-h3
PAN-OS < 11.0.4-h1
PAN-OS < 10.2.9-h1
The company also said that the vulnerability can only be exploited with firewalls that have the configurations for both GlobalProtect gateway (Network > GlobalProtect > Gateways) and device telemetry (Device > Setup > Telemetry) enabled.
The firm has confirmed a limited number of attacks using this vulnerability.
Upcoming Fixes for CVE-2024-3400:
Although there are no fixes available, Palo Alto issued some mitigation recommendations:
Apply a vulnerability protection security profile to the GlobalProtect interface to prevent exploitation
Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 95187
The firm announced the flaw will be fixed on April 14 during a series of hotfixes for PAN-OS versions 11.1.2-h3, 11.0.4-h1, and 10.2.9-h1.
CVE 2024-3385, Another (Fixed) Flaw in PAN-OS:
This advisory comes two days after another vulnerability was discovered in PAN-OS. This flaw allows a remote attacker to reboot firewalls and can cause a denial of service (DoS) attack. This issue was fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.
