Palo Alto Networks is warning {that a} vital flaw impacting its PAN-OS software program utilized in its GlobalProtect gateways is being exploited within the wild.
Tracked as CVE-2024-3400, the difficulty has a CVSS rating of 10.0, indicating most severity.
“A command injection vulnerability within the GlobalProtect characteristic of Palo Alto Networks PAN-OS software program for particular PAN-OS variations and distinct characteristic configurations might allow an unauthenticated attacker to execute arbitrary code with root privileges on the firewall,” the corporate stated in an advisory printed at the moment.
The flaw impacts the next variations of PAN-OS, with fixes anticipated to be launched on April 14, 2024 –
- PAN-OS < 11.1.2-h3
- PAN-OS < 11.0.4-h1
- PAN-OS < 10.2.9-h1
The corporate additionally stated that the difficulty is relevant solely to firewalls which have the configurations for each GlobalProtect gateway (Community > GlobalProtect > Gateways) and system telemetry (Machine > Setup > Telemetry) enabled.
Cybersecurity agency Volexity has been credited with discovering and reporting the bug.
Whereas there are not any different technical particulars in regards to the nature of the assaults, Palo Alto Networks acknowledged that it is “conscious of a restricted variety of assaults that leverage the exploitation of this vulnerability.”
Within the interim, it is recommending prospects with a Risk Prevention subscription to allow Risk ID 95187 to safe in opposition to the risk.
The event comes as Chinese language risk actors have more and more relied on zero-day flaws impacting Barracuda Networks, Fortinet, Ivanti, and VMware to breach targets of curiosity and deploy covert backdoors for persistent entry.
