all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild

Add to bookmarks
April 12, 2024, 5:19 p.m. | Scott Caveza

Cyber Exposure Alerts www.tenable.com

A critical severity command injection vulnerability in Palo Alto Networks PAN-OS has been exploited in limited targeted attacks. While a fix is not yet available, patches are expected to be released on April 14 and mitigation steps are available.

Background

On April 12, Palo Alto Networks released a security advisory for a critical command injection vulnerability affecting PAN-OS, the custom operating system (OS) Palo Alto Networks (PAN) uses in their next-generation firewalls.

CVEDescriptionCVSSv3SeverityCVE-2024-3400Command Injection Vulnerability in …

alto april attacks command command injection critical cve cve-2024 cve-2024-3400 exploited fix gateway globalprotect injection in the wild mitigation networks palo palo alto palo alto networks palo alto networks pan-os pan pan-os patches severity targeted attacks vulnerability zero-day zero-day vulnerability

Visit resource

More from www.tenable.com / Cyber Exposure Alerts

CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor 4 days, 11 hours ago | www.tenable.com
adaptive security arcanedoor blog called +15
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited 6 days, 18 hours ago | www.tenable.com
advisory april crushftp customers +23
Oracle April 2024 Critical Patch Update Addresses 239 CVEs 1 week, 5 days ago | www.tenable.com
addresses april cpu critical +12
CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild 2 weeks, 3 days ago | www.tenable.com
alto april attacks command +25
Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs (CVE-2024-29988) 2 weeks, 6 days ago | www.tenable.com
addresses april critical critical vulnerabilities +13
Frequently Asked Questions About CVE-2024-3094, A Backdoor in XZ Utils 1 month ago | www.tenable.com
CVE-2023-48788: Critical Fortinet FortiClientEMS SQL Injection Vulnerability 1 month, 2 weeks ago | www.tenable.com
address advisory arbitrary code attacker +20
Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407) 1 month, 2 weeks ago | www.tenable.com
CVE-2024-27198, CVE-2024-27199: Two Authentication Bypass Vulnerabilities in JetBrains TeamCity 1 month, 3 weeks ago | www.tenable.com

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote
View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote
View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote
View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com
View more jobs