Monday , May 27 2024
Palo alto

ZERO DAY ALERT
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

A critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software. It is being used by attackers, but there are no patches to fix it yet. Palo Alto Networks issued an alert on April 12, 2024, thanking cybersecurity firm Volexity for discovering the flaw.

There is a command injection vulnerability in the GlobalProtect feature of Palo Alto Networks’ PAN-OS software for certain versions. The zero-day vulnerability is identified as CVE-2024-3400 and has been given the highest severity score of 10.0 (CVSS).

Researcher claimed: Biometrics of Indian Forces Exposed

Jeremiah Fowler, a security researcher, claimed to discover a major vulnerability in India's data security. He found an unprotected database...
Read More
Researcher claimed: Biometrics of Indian Forces Exposed

NSA Releases Guidance on Zero Trust Maturity

The NSA released an information sheet called "Advancing Zero Trust Maturity Throughout the Application and Workload Pillar." This sheet will...
Read More
NSA Releases Guidance on Zero Trust Maturity

Data protection is sovereignty: Mohammad A. Arafat
INFOCOM Dhaka ends promoting cyber resiliency

The two day long 7th edition of INFOCOM, India's biggest business, technology, and leadership event, themed "Sustainable Disruption", concluded today...
Read More
Data protection is sovereignty: Mohammad A. Arafat  INFOCOM Dhaka ends promoting cyber resiliency

Phoenix Summit 2024
Two days phoenix summit ended successfully at Dhaka

TheTeamPhoenix, a non-profit organization, successfully hosted Phoenix Summit 2024, the largest cyber security event in Bangladesh, from May 23-24. This...
Read More
Phoenix Summit 2024  Two days phoenix summit ended successfully at Dhaka

CISA Added Apache Flink CVE-2020-17519 Vulnerability to KEV

CISA warns Apache Flink users about a critical vulnerability. Cybercriminals are exploiting this flaw to compromise systems. Apache Flink is...
Read More
CISA Added Apache Flink CVE-2020-17519 Vulnerability to KEV

Cisco released software updates for CVE 2024-20360

Cisco, a global network solutions leader, has reported a security issue with its Firepower Management Center (FMC) software. This vulnerability,...
Read More
Cisco released software updates for CVE 2024-20360

Ivanti Patches Critical RCE Flaws in Endpoint Manager

Ivanti on Tuesday declare to patch for several products, including fixes for critical vulnerabilities in Endpoint Manager (EPM). Ivanti resolved...
Read More
Ivanti Patches Critical RCE Flaws in Endpoint Manager

German police warn of cyberattacks via Office 365

ompanies in Germany are facing a new wave of cyberattacks. The State Criminal Police Office of North Rhine-Westphalia has issued...
Read More
German police warn of cyberattacks via Office 365

Hacktivists group target Philippines government ransomware attack

SentinelOne researchers found that the Ikaruz Red Team is targeting the Philippines government using different ransomware builders like LockBit, Vice...
Read More
Hacktivists group target Philippines government ransomware attack

CISA ALERT
CISA Warns Exploiting NextGen Healthcare Mirth Connect Flaw

The US cybersecurity agency, CISA, added a flaw in NextGen Healthcare's Mirth Connect product to its catalog of Known Exploited...
Read More
CISA ALERT  CISA Warns Exploiting NextGen Healthcare Mirth Connect Flaw

“Distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall,” Palo Alto said in the advisory.

Limited Active Exploitation:

The versions concerned are the following:

PAN-OS < 11.1.2-h3
PAN-OS < 11.0.4-h1
PAN-OS < 10.2.9-h1

The company also said that the vulnerability can only be exploited with firewalls that have the configurations for both GlobalProtect gateway (Network > GlobalProtect > Gateways) and device telemetry (Device > Setup > Telemetry) enabled.

The firm has confirmed a limited number of attacks using this vulnerability.

Upcoming Fixes for CVE-2024-3400:

Although there are no fixes available, Palo Alto issued some mitigation recommendations:

Apply a vulnerability protection security profile to the GlobalProtect interface to prevent exploitation
Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 95187

The firm announced the flaw will be fixed on April 14 during a series of hotfixes for PAN-OS versions 11.1.2-h3, 11.0.4-h1, and 10.2.9-h1.

CVE 2024-3385, Another (Fixed) Flaw in PAN-OS:

This advisory comes two days after another vulnerability was discovered in PAN-OS. This flaw allows a remote attacker to reboot firewalls and can cause a denial of service (DoS) attack. This issue was fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.

Check Also

Xaomi

Xiaomi Android Devices Hit by Multiple Flaws

Researchers found multiple vulnerabilities in various applications and system components on Xiaomi devices. “The vulnerabilities …

Leave a Reply

Your email address will not be published. Required fields are marked *