Security News > 2024 > November > Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root on vulnerable Expedition instances, leading to disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. CVE-2024-9465 – an SQL injection vulnerability – allows unauthenticated attackers to grab data from Expedition’s … More → The post Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/15/cve-2024-9463-cve-2024-9465/
Related news
- Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) (source)
- Palo Alto Networks warns of firewall hijack bugs with public exploit (source)
- 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) (source)
- Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) (source)
- Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443) (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) (source)
- CISA warns of more Palo Alto Networks bugs exploited in attacks (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-09 | CVE-2024-9465 | SQL Injection vulnerability in Paloaltonetworks Expedition An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. | 9.1 |
| 2024-10-09 | CVE-2024-9463 | OS Command Injection vulnerability in Paloaltonetworks Expedition An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. | 7.5 |