all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway

Add to bookmarks
April 12, 2024, 7:42 p.m. |

SpiderLabs Blog from Trustwave www.trustwave.com

Overview


command injection vulnerability has been discovered in the GlobalProtect feature within Palo Alto Networks PAN-OS software for specific versions that have distinct feature configurations that may enable a remote, unauthenticated attacker to execute arbitrary code with root privileges on the firewall.

alto arbitrary code attacker code command command injection cve cve-2024 cve-2024-3400 enable feature firewall gateway globalprotect injection may networks os command palo palo alto palo alto networks palo alto networks pan-os pan pan-os privileges root software unauthenticated vulnerability

Visit resource

More from www.trustwave.com / SpiderLabs Blog from Trustwave

2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies 4 days, 14 hours ago | www.trustwave.com
balance briefing charge cybersecurity +24
How to Create the Asset Inventory You Probably Don't Have 5 days, 14 hours ago | www.trustwave.com
asset asset inventory blog blog posts +10
Guardians of the Gateway: Identity and Access Management Best Practices 1 week, 5 days ago | www.trustwave.com
access access management best practices blog +16
Protecting Zion: InfoSec Encryption Concepts and Tips 2 weeks, 5 days ago | www.trustwave.com
blog blog posts can concepts +11
EDR – The Multi-Tool of Security Defenses 3 weeks, 5 days ago | www.trustwave.com
blog blog posts can cybersecurity +10
The Invisible Battleground: Essentials of EASM 3 weeks, 5 days ago | www.trustwave.com
attack attack surface attack surface management cyber +13
Fake Dialog Boxes to Make Malware More Convincing 1 month ago | www.trustwave.com
dialog engagement fake loader +7
The Secret Cipher: Modern Data Loss Prevention Solutions 1 month ago | www.trustwave.com
automated can cipher data +18
CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway 1 month ago | www.trustwave.com
alto arbitrary code attacker code +25

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

@ Hifield | Strasbourg, France
View on infosec-jobs.com

Lead Security Specialist

@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas
View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com