Oddbean new post about | logout
zCat | 6 days ago (raw) | root | parent | reply | flag 
 Palo Alto Networks warns of critical RCE zero-day exploited in attacks

Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as 'PAN-SA-2024-0015,' is actively being exploited in attacks.

The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a "potential" remote code execution (RCE) vulnerability impacting them.

No signs of exploitation were detected at that time, but now, one week later, the situation has changed.

See more: https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-critical-rce-zero-day-exploited-in-attacks/

#cybersecurity #rce #zeroday

nostr:nevent1qqsft2dh06hte2n8zqw4ncjs3vkpukq5f7y3dr63yx0lx34mk52tmuspz4mhxue69uhkummnw3ezummcw3ezuer9wchsygqkl5n0qqz57es4r34a0yj7mm6ptpss8tce63zlj0mx7h3ykdzz0gpsgqqqqqqs3y406q
zCat | 6 days ago (raw) | root | parent | reply | flag 
 PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released

Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild.

The vulnerability, which is yet to be assigned a CVE identifier, carries a CVSS score of 9.3, indicating critical severity. It allows for unauthenticated remote command execution.

The advisory comes as three different critical flaws in the Palo Alto Networks Expedition (CVE-2024-5910, CVE-2024-9463, and CVE-2024-9465) have come under active exploitation, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). At this stage, there is no evidence to suggest that the activities are related.

See more: https://thehackernews.com/2024/11/pan-os-firewall-vulnerability-under.html

#cybersecurity #paloaltonetworks #zeroday

nostr:nevent1qqsqdz4h2trhtgt8f3xaqnlgz8k8hhplswuswtg69uj97c5vacwdwygpzpmhxue69uhkummnw3ezumt0d5hsygqkl5n0qqz57es4r34a0yj7mm6ptpss8tce63zlj0mx7h3ykdzz0gpsgqqqqqqshway5u