Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)

2024-11-08 11:36

A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Thursday. About CVE-2024-5910 Unearthed and reported by Brian Hysell of Synopsys Cybersecurity Research Center (CyRC), CVE-2024-5910 stems from missing authentication for a critical function, which can lead to an Expedition admin account takeover for attackers with network access to the installation. A security update fixing … More → The post Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) appeared first on Help Net Security.

News URL

https://www.helpnetsecurity.com/2024/11/08/cve-2024-5910/

#critical #CVE #paloalto #CVE-2024-5910

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-10	CVE-2024-5910	Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. network low complexity paloaltonetworks CWE-306 critical	9.8

News URL

Related news

Related Vulnerability