FlagThis

A high-severity denial-of-service (DoS) vulnerability (CVE-2024-3393, CVSS 8.7) has been discovered in Palo Alto Networks PAN-OS software and Prisma Access firewalls. Unauthenticated attackers can exploit this by sending malicious DNS packets through the firewall’s data plane, causing the firewall to reboot and potentially enter maintenance mode. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode, disrupting network operations. A patch is available, and it should be applied immediately. Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.

Over 300,000 Prometheus monitoring servers and exporters are exposed to various attacks, including information disclosure, denial-of-service (DoS), and potential remote code execution. These vulnerabilities stem from improper authentication and insecure configurations, allowing attackers to steal sensitive information such as credentials and API keys. The widespread exposure highlights the need for better security practices in Prometheus deployments and the critical nature of securing monitoring infrastructure.