Security News > 2024 > November > CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
2024-11-08 05:17
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that
News URL
https://thehackernews.com/2024/11/cisa-alerts-to-active-exploitation-of.html
Related news
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) (source)
- Palo Alto Networks warns of potential PAN-OS RCE vulnerability (source)
- CISA warns of more Palo Alto Networks bugs exploited in attacks (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-10 | CVE-2024-5910 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. | 9.8 |