Security News > 2024 > November > Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified

Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified
2024-11-24 09:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Researchers unearth two previously unknown Linux backdoors ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. ScubaGear: Open-source tool to … More → The post Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/11/24/week-in-review-0-days-exploited-in-palo-alto-networks-firewalls-two-unknown-linux-backdoors-identified/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-9474 OS Command Injection vulnerability in Paloaltonetworks Pan-Os
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
network
low complexity
paloaltonetworks CWE-78
7.2
2024-11-18 CVE-2024-0012 Missing Authentication for Critical Function vulnerability in Paloaltonetworks Pan-Os
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
network
low complexity
paloaltonetworks CWE-306
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2602 1595 67 4328