Security News > 2024 > April > Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks
Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks.
"Palo Alto Networks is aware of a limited number of attacks that leverage the exploitation of this vulnerability," warns the Palo Alto security bulletin.
"A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall," explains the Palo Alto Networks advisory.
BleepingComputer contacted Volexity and Palo Alto Networks with questions on how the zero-day is being exploited.
Palo Alto Networks devices often become targets of sophisticated threat actors due to their deployment in corporate networks.
Hackers exploit Aiohttp bug to find vulnerable networks.
News URL
Related news
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
- Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- Palo Alto Networks zero-day exploited since March to backdoor firewalls (source)
- Palo Alto Networks fixes zero-day exploited to backdoor firewalls (source)
- Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation (source)
- 22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks (source)
- Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack (source)
- Apple fixes two new iOS zero-days exploited in attacks on iPhones (source)