top of page
Writer's pictureAnup Ghosh

Critical Firewall Flaw Exploited: What PAN-OS Admins Need to Know


The Download

This may sound like a broken record, but the recent vulnerabilities in Palo Alto Networks next gen firewalls require urgent patching. Two vulnerabilities tracked as CVE-2024-0012 and CVE-2024-9474 are being actively exploited by adversaries to break into networks. Both of these were previously disclosed as zero-day vulnerabilities. The first vulnerability, CVE-2024-0012 is an authentication bypass vulnerability, which when exploited, allows an attacker the ability to bypass authentication to the firewall. The second vulnerability, CVE-2024-9474, allows a privilege escalation attack.

When these two vulnerabilities are chained together in an attack, they can be used to bypass authentication and run remote code execution (RCE) attack to take administrative control over the corporate firewall. Given the recent indications these vulnerabilities are being actively exploited, it is urgent that managed service providers identify these vulnerabilities in their client networks and patch immediately.


What You Can Do

IT administrators must update PAN-OS to the latest patched version immediately and disable vulnerable configurations. Implement robust network segmentation, monitor logs for unusual activity, and use intrusion detection systems to identify exploit attempts. You should be scanning the external attack surface of your clients on a daily basis to find any exploitable vulnerabilities that adversaries will find. ThreatMate's automated pen testing and vulnerability scanning solutions have you covered.


To Learn More:

109 views
bottom of page