The latest serious security vulnerability in products from Palo Alto Networks has now received patches and is calling on various security authorities such as the Cybersecurity and Infrastructure Security Agency (CISA) to warn about this. This critical vulnerability primarily affects the PAN-OS operating system and has been actively exploited by several attackers. In this summary, we provide details about the vulnerability, the available patches, and how companies should respond.
After several weeks of speculation and exploits in underground forums, Palo Alto Networks Patches for the major versions of PAN OS The security vulnerabilities thus resolved allow attackers to bypass the authentication processes of the networks in order to inject malicious code.
Affected versions of PAN-OS are: 10.1, 10.2, 11.0, 11.1, 11.2. Companies using these versions should upgrade to the latest security update as soon as possible:
CISA has announced in a recent announcement that there are several attack tools in circulation that actively exploit these vulnerabilities. In an urgent addition to the catalog of known vulnerabilities is warned about the use of these vulnerabilities by advanced threat actors (APT).
Interestingly, Palo Alto Networks various conflicting information. Their own security reports question the release date and it seems that the company has unnecessarily obscured the process of how long this vulnerability was known about. Some researchers have also criticized the lack of a clear timeline and ambiguous updates.
Companies that manage systems with PAN-OS should urgently install the latest security updates and ensure that no management interfaces are accessible from the public network. Administrators in particular should be aware that several exploits are now in circulation and that cyber criminals could gain access to sensitive networks. A swift response is therefore necessary.
We use cookies, and Google reCAPTCHA, which loads Google Fonts and communicates with Google servers. By continuing to use our website, you agree to the use of cookies and our privacy policy.