Security News > 2024 > November > Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been exploited by attackers as zero-days. About the vulnerabilities (CVE-2024-0012, CVE-2024-9474) CVE-2024-0012 stems from missing authentication for a critical function and allows unauthenticated attackers with network access to the management web interface “to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474,” according to Palo … More → The post Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/18/cve-2024-0012-cve-2024-9474/
Related news
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization (source)
- Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756) (source)
- Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems (source)
- SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection (source)
- Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-9474 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability. | 7.2 |
| 2024-11-18 | CVE-2024-0012 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Pan-Os An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability. | 9.8 |