Palo Alto Networks patches two firewall zero-days used in attacks

Palo Alto Networks has finally released security updates for two actively exploited zero-day vulnerabilities in its Next-Generation Firewalls (NGFW).

The first flaw, tracked as CVE-2024-0012, is an authentication bypass found in the PAN-OS management web interface that remote attackers can exploit to gain administrator privileges without requiring authentication or user interaction.

The second one (CVE-2024-9474) is a PAN-OS privilege escalation security flaw that allows malicious PAN-OS administrators to perform actions on the firewall with root privileges.

While CVE-2024-9474 was disclosed today, the company first warned customers on November 8 to restrict access to their next-generation firewalls because of a potential RCE flaw tagged last Friday as CVE-2024-0012.

See more
Bleeping Computer: https://www.bleepingcomputer.com/news/security/palo-alto-networks-patches-two-firewall-zero-days-used-in-attacks/

Security Week:
https://www.securityweek.com/palo-alto-networks-releases-iocs-for-new-firewall-zero-day/