all InfoSec news
Palo Alto Networks Discloses Critical PAN-OS Zero Day
Malware Analysis, News and Indicators - Latest topics malware.news
Palo Alto Networks is warning customers of a critical-severity vulnerability in its PAN-OS software for firewalls. The flaw is currently being exploited in the wild, and patches won’t be available until Sunday.
The vulnerability (CVE-2024-3400) ranks 10 out of 10 on the CVSS scale, and stems from a command injection issue in the GlobalProtect feature of PAN-OS. The flaw could enable unauthenticated attackers to execute arbitrary code with root privileges on the firewall. The flaw can lead to successful exploitation …
alto command command injection critical customers cve cve-2024 cve-2024-3400 cvss exploited firewalls flaw injection in the wild issue networks palo palo alto palo alto networks pan pan-os patches scale severity software vulnerability warning