all InfoSec news
CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild
Cyber Exposure Alerts www.tenable.com
A critical severity command injection vulnerability in Palo Alto Networks PAN-OS has been exploited in limited targeted attacks. While a fix is not yet available, patches are expected to be released on April 14 and mitigation steps are available.
Background
On April 12, Palo Alto Networks released a security advisory for a critical command injection vulnerability affecting PAN-OS, the custom operating system (OS) Palo Alto Networks (PAN) uses in their next-generation firewalls.
CVEDescriptionCVSSv3SeverityCVE-2024-3400Command Injection Vulnerability in …alto april attacks command command injection critical cve cve-2024 cve-2024-3400 exploited fix gateway globalprotect injection in the wild mitigation networks palo palo alto palo alto networks palo alto networks pan-os pan pan-os patches severity targeted attacks vulnerability zero-day zero-day vulnerability