zCat on Nostr: PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released Palo Alto ...
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild.
The vulnerability, which is yet to be assigned a CVE identifier, carries a CVSS score of 9.3, indicating critical severity. It allows for unauthenticated remote command execution.
The advisory comes as three different critical flaws in the Palo Alto Networks Expedition (CVE-2024-5910, CVE-2024-9463, and CVE-2024-9465) have come under active exploitation, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). At this stage, there is no evidence to suggest that the activities are related.
See more: https://thehackernews.com/2024/11/pan-os-firewall-vulnerability-under.html
#cybersecurity #paloaltonetworks #zeroday
Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild.
The vulnerability, which is yet to be assigned a CVE identifier, carries a CVSS score of 9.3, indicating critical severity. It allows for unauthenticated remote command execution.
The advisory comes as three different critical flaws in the Palo Alto Networks Expedition (CVE-2024-5910, CVE-2024-9463, and CVE-2024-9465) have come under active exploitation, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). At this stage, there is no evidence to suggest that the activities are related.
See more: https://thehackernews.com/2024/11/pan-os-firewall-vulnerability-under.html
#cybersecurity #paloaltonetworks #zeroday
quoting nevent1q…ay5uPalo Alto Networks warns of critical RCE zero-day exploited in attacks
Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as 'PAN-SA-2024-0015,' is actively being exploited in attacks.
The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a "potential" remote code execution (RCE) vulnerability impacting them.
No signs of exploitation were detected at that time, but now, one week later, the situation has changed.
See more: https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-critical-rce-zero-day-exploited-in-attacks/
#cybersecurity #rce #zeroday
nevent1q…406q