Security News > 2024 > April > Exploit released for Palo Alto PAN-OS bug used in attacks, patch now

Exploit released for Palo Alto PAN-OS bug used in attacks, patch now
2024-04-16 18:36

Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software.

While Palo Alto Networks has started releasing hotfixes on Monday to secure unpatched firewalls exposed to attacks, the vulnerability has been exploited in the wild as a zero-day since March 26th to backdoor firewalls using Upstyle malware, pivot to internal networks, and steal data by a threat group believed to be state-sponsored and tracked as UTA0218.

One day after Palo Alto Networks started releasing CVE-2024-3400 hotfixes, watchTowr Labs also released a detailed analysis of the vulnerability and a proof-of-concept exploit that can be used to execute shell commands on unpatched firewalls.

Exploit released for Fortinet RCE bug used in attacks, patch now.

Palo Alto Networks zero-day exploited since March to backdoor firewalls.

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks.


News URL

https://www.bleepingcomputer.com/news/security/exploit-released-for-palo-alto-pan-os-bug-used-in-attacks-patch-now/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-04-12 CVE-2024-3400 Command Injection vulnerability in Paloaltonetworks Pan-Os
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
network
low complexity
paloaltonetworks CWE-77
critical
10.0