Ethical Hacking News
In a critical alert, Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS firewall management interface that is being actively exploited. This vulnerability allows an attacker with network access to gain administrator privileges on the firewall and, with them, control over its configuration and operation.
Palo Alto Networks' PAN-OS firewall management interface has a critical zero-day vulnerability (CVSS score: 9.3) that allows unauthenticated attackers to gain administrator privileges.
The vulnerability enables threat actors to execute malicious commands, granting persistent remote access and unrestricted control over the firewall's configuration and operation.
Patches are not yet available for this vulnerability, emphasizing the need for immediate action to secure access to the management interface.
Two critical flaws (CVE-2024-9474 and CVE-2024-9465) have been patched by Palo Alto Networks, while indicators of compromise (IoCs) have been released.
Pantheon of cybersecurity professionals, beware! The realm of network security has been shaken to its core as a critical vulnerability in Palo Alto Networks' PAN-OS firewall management interface has been exploited in the wild. This zero-day vulnerability, bearing a CVSS score of 9.3, allows an unauthenticated attacker with network access to gain PAN-OS administrator privileges and, with them, unrestricted control over the firewall's configuration and operation.
The vulnerability, discovered by Palo Alto Networks themselves, enables threat actors to execute malicious commands on compromised devices, granting persistent remote access. This means that once an attacker gains a foothold in this vulnerable system, they can manipulate settings, tamper with configurations, and exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474.
In light of this critical alert, the cybersecurity industry is abuzz with activity as experts scramble to assess the situation and devise strategies for mitigating the risks posed by this newly discovered flaw. While not a new discovery per se, the timing of this vulnerability's disclosure couldn't be more opportune – coming on the heels of three different critical flaws in Palo Alto Networks Expedition (CVE-2024-5910, CVE-2024-9463, and CVE-2024-9465) that have also come under active exploitation.
Experts note that these vulnerabilities collectively pose a significant threat to organizations using Palo Alto Networks' products. As such, it is imperative for users to take immediate steps to secure access to the management interface, especially since patches are yet to be released.
Accordingly, Palo Alto Networks has officially released patches for two of these critical flaws – CVE-2024-9474 (CVSS score: 6.9) and CVE-2024-9465. Notably, these vulnerabilities allow a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges.
Furthermore, Palo Alto Networks has also provided indicators of compromise (IoCs) for this vulnerability, including IP addresses identified as sources of the malicious activity. These include:
136.144.17[*]
173.239.218[.]251
216.73.162[.]*
However, it is crucial to note that these IP addresses may represent "third-party VPNs with legitimate user activity originating from these IPs to other destinations."
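As an added example (not from Palo Alto Networks or the original article), the Python sketch below refangs the three IoC entries as printed above and triages a constructed access log against them. The log layout, the 10.20.0.0/16 management allowlist, and reading "136.144.17[*]" as a whole /24 are assumptions; given the VPN caveat, a match is a lead for review rather than proof of compromise.

```python
import ipaddress

# IoC entries exactly as printed in the article (defanged notation).
IOCS = ["136.144.17[*]", "173.239.218[.]251", "216.73.162[.]*"]

# Constructed sample records (hypothetical CSV layout: time,source_ip,path,status).
# This is not a real PAN-OS log format.
SAMPLE_LOG = """\
2024-11-18T09:12:03Z,10.20.0.15,/login,200
2024-11-18T09:14:41Z,136.144.17.23,/login,200
2024-11-18T09:15:02Z,173.239.218.250,/login,403
2024-11-18T09:15:09Z,173.239.218.251,/login,200
2024-11-18T09:16:00Z,not-an-ip,/login,400
2024-11-18T09:17:30Z,216.73.162.9,/login,200
"""

# Assumption: management access is only expected from this internal range.
MGMT_ALLOWLIST = [ipaddress.ip_network("10.20.0.0/16")]


def refang(entry):
    """Convert a defanged IoC into an ip_network; a '*' last octet means /24.

    Assumption: "[*]" stands for a bracketed dot followed by a wildcard octet.
    """
    text = entry.replace("[.]", ".").replace("[*]", ".*")
    octets = text.split(".")
    if len(octets) != 4:
        raise ValueError(f"unexpected IoC shape: {entry!r}")
    if octets[3] == "*":
        return ipaddress.ip_network(".".join(octets[:3]) + ".0/24")
    return ipaddress.ip_network(text + "/32")


def triage(log_text, ioc_networks, allowlist):
    """Return (source_ip, reason) for records that deserve an analyst's look."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split(",")
        try:
            src = ipaddress.ip_address(fields[1])
        except (IndexError, ValueError):
            continue  # malformed record: skip rather than crash the sweep
        if any(src in net for net in ioc_networks):
            findings.append((str(src), "ioc-match"))  # lead only, may be a VPN exit
        elif not any(src in net for net in allowlist):
            findings.append((str(src), "outside-allowlist"))  # interface is exposed
    return findings


if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG, [refang(e) for e in IOCS], MGMT_ALLOWLIST):
        print(hit)
```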
To stay ahead of this emerging threat landscape, cybersecurity professionals must remain vigilant and proactive in their efforts to secure networks against vulnerabilities like the one currently plaguing Palo Alto Networks. Stay up-to-date on the latest developments in the realm of network security by following reputable sources and staying informed about the most pressing threats facing your organization today.
Related Information:
https://thehackernews.com/2024/11/pan-os-firewall-vulnerability-under.html
https://securityadvisories.paloaltonetworks.com/CVE-2024-9474
https://nvd.nist.gov/vuln/detail/CVE-2024-9474
https://www.cvedetails.com/cve/CVE-2024-9474/
https://nvd.nist.gov/vuln/detail/CVE-2024-9465
https://www.cvedetails.com/cve/CVE-2024-9465/
https://nvd.nist.gov/vuln/detail/CVE-2024-5910
https://www.cvedetails.com/cve/CVE-2024-5910/
https://nvd.nist.gov/vuln/detail/CVE-2024-9463
https://www.cvedetails.com/cve/CVE-2024-9463/
Published: Tue Nov 19 01:39:59 2024 by llama3.2 3B Q4_K_M