Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin […]
Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls. CVE-2024-3400 (CVSS score of 10.0) is a […]
Threat actors have been exploiting the recently disclosed zero-day in Palo Alto Networks PAN-OS since March 26, 2024. Palo Alto Networks and Unit 42 are investigating the activity related to CVE-2024-3400 PAN-OS flaw and discovered that threat actors have been exploiting it since March 26, 2024. CVE-2024-3400 (CVSS score of 10.0) is a critical command […]
Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system. The company fixed the following DoS vulnerabilities: CVE-2024-3385 – The company reported that a packet processing […]
Palo Alto Networks devices running the PAN-OS are abused to launch reflected amplification denial-of-service (DoS) attacks. Threat actors are exploiting a vulnerability, tracked as CVE-2022-0028Â (CVSS score of 8.6), in Palo Alto Networks devices running the PAN-OS to launch reflected amplification denial-of-service (DoS) attacks. The vendor has learned that firewalls from multiple vendors are abused to […]
Palo Alto Networks plans to fix CVE-2022-0778 OpenSSL flaw in some of its firewall, VPN, and XDR, products during April 2022. In Mid March, OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when certificate parsing. The flaw was discovered by the popular Google Project Zero […]
Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Palo Alto Networks disclosed a critical remote code execution vulnerability, tracked as CVE-2021-3064, in its GlobalProtect portal and gateway interfaces. The cybersecurity vendor warns that the vulnerability is easily exploitable by an unauthenticated network-based attacker. Successful exploitation can […]
Palo Alto Networks addresses a critical improper authorization vulnerability (CVE-2021-3044) affecting its Cortex XSOAR security orchestration solution, automation and response (SOAR) platform. Researchers from Palo Alto Networks discovered and addresses a critical improper authorization vulnerability, tracked as CVE-2021-3044, that affects its Cortex XSOAR SOAR platform. The CVE-2021-3044 vulnerability received a CVSS score of 9.8. A […]
Palo Alto Networks addressed a new severe vulnerability in the PAN-OS GlobalProtect portal that impacts PAN next-generation firewalls. Recently Palo Alto Network addressed a critical vulnerability, tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall. The flaw could allow unauthenticated network-based attackers to bypass authentication, it has been rated as critical severity and received a […]
U.S. Cyber Command believes foreign APTs will likely attempt to exploit the recently addressed flaw in Palo Alto Networks’s PAN-OS firewall OS. Recently Palo Alto Network addressed a critical vulnerability, tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall. The flaw could allow unauthenticated network-based attackers to bypass authentication, it has has been rated […]