Critical vulnerability at Palo Alto Networks: Patches and CISA warnings

The latest serious security vulnerability in Palo Alto Networks products has now been patched, and security authorities such as the Cybersecurity and Infrastructure Security Agency (CISA) are warning about it. This critical vulnerability primarily affects the PAN-OS operating system and has been actively exploited by several attackers. In this summary, we provide details about the vulnerability, the available patches, and how companies should respond.

Patches and Affected Versions

After several weeks of speculation and exploits in underground forums, Palo Alto Networks has released patches for the major versions of PAN-OS. The vulnerabilities resolved by these patches allow attackers to bypass authentication in order to inject malicious code.

  • CVE-2024-0012: Allows authentication bypass (CVSS score: 9.3, critical).
  • CVE-2024-9474: Allows code execution through privilege escalation (CVSS score: 6.9, medium).

Affected versions of PAN-OS are: 10.1, 10.2, 11.0, 11.1, 11.2. Companies using these versions should upgrade to the latest security update as soon as possible:

  • version 11.2.4-h1
  • version 11.1.5-h1
  • version 11.0.6-h1
  • version 10.2.12-h2
  • version 10.1.14-h6
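
As an added example (not code from Palo Alto Networks or from this article), the following Python script checks an inventory of PAN-OS version strings against the fixed releases listed above. It assumes versions have the form X.Y.Z or X.Y.Z-hN and knows only the five releases named here, so a build fixed by a hotfix that this article does not list is reported as needs-update; the hostnames and sample versions are constructed.

```python
import re

# Fixed releases per PAN-OS release train, exactly as listed in this article.
FIXED = {
    "11.2": "11.2.4-h1",
    "11.1": "11.1.5-h1",
    "11.0": "11.0.6-h1",
    "10.2": "10.2.12-h2",
    "10.1": "10.1.14-h6",
}

# Assumed version format: major.minor.maintenance with an optional -hN hotfix.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse(version):
    """Return (major, minor, maintenance, hotfix); a missing hotfix counts as 0."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    return tuple(int(part or 0) for part in m.groups())

def status(version):
    """Classify as 'patched', 'needs-update', 'not-listed' or 'unparsed'."""
    try:
        parsed = parse(version)
    except ValueError:
        return "unparsed"
    train = "%d.%d" % parsed[:2]
    if train not in FIXED:
        return "not-listed"  # release train not covered by the article's list
    return "patched" if parsed >= parse(FIXED[train]) else "needs-update"

def audit(inventory):
    """Return {hostname: status} for every device not confirmed as patched."""
    return {h: s for h, v in inventory.items() if (s := status(v)) != "patched"}

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "fw-edge-01": "11.1.5-h1",   # equals the fixed release
    "fw-edge-02": "11.1.5",      # same maintenance release, hotfix missing
    "fw-dc-01": "10.2.12-h1",    # one hotfix short of the fix
    "fw-dc-02": "10.2.13",       # later maintenance release in the same train
    "fw-lab-01": "9.1.16",       # train outside the article's list
    "panorama-01": "unknown",    # inventory gap, must be checked by hand
}

if __name__ == "__main__":
    for host, state in audit(SAMPLE).items():
        print(f"{host}: {state}")
```

Devices reported as not-listed or unparsed need a manual check against the vendor advisory rather than being treated as safe.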

US-CISA and its warning

CISA has stated in a recent announcement that several attack tools actively exploiting these vulnerabilities are in circulation. In an urgent addition to its catalog of known exploited vulnerabilities, the agency warns about the use of these vulnerabilities by advanced threat actors (APT).

Confusion about the date and origin of the vulnerability

Interestingly, Palo Alto Networks has provided various pieces of conflicting information. Its own security reports call the release date into question, and it seems that the company has unnecessarily obscured how long this vulnerability was known about. Some researchers have also criticized the lack of a clear timeline and the ambiguous updates.

Recommendations and conclusion

Companies that manage systems with PAN-OS should urgently install the latest security updates and ensure that no management interfaces are accessible from the public network. Administrators in particular should be aware that several exploits are now in circulation and that cyber criminals could gain access to sensitive networks. A swift response is therefore necessary.
