Security News > 2024 > November > CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
2024-11-08 05:17
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that
News URL
https://thehackernews.com/2024/11/cisa-alerts-to-active-exploitation-of.html
Related news
- CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-10 | CVE-2024-5910 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. | 9.8 |