Multiple vulnerabilities have been discovered in Palo Alto Networks’ Expedition migration tool, including an OS command injection flaw and a vulnerability that exposes sensitive firewall credentials. These vulnerabilities could allow attackers to execute arbitrary code and access usernames, cleartext passwords, device configurations, and API keys. The vulnerabilities pose a significant risk to organizations using the tool for firewall migration and optimization.
A high-severity denial-of-service (DoS) vulnerability (CVE-2024-3393, CVSS 8.7) has been discovered in Palo Alto Networks PAN-OS software and Prisma Access firewalls. Unauthenticated attackers can exploit this by sending malicious DNS packets through the firewall’s data plane, causing the firewall to reboot and potentially enter maintenance mode. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode, disrupting network operations. A patch is available, and it should be applied immediately. Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.
Palo Alto Networks has issued a critical security warning regarding a vulnerability in the management interfaces of its firewall products. This vulnerability, categorized as a remote command execution (RCE) flaw, could allow unauthenticated attackers to remotely execute arbitrary commands on affected systems. While the number of observed exploitations is currently limited, it poses a serious threat to the security of Palo Alto firewalls. This vulnerability highlights the importance of keeping software up-to-date and implementing robust security measures to mitigate the risk of exploitation. Attackers could potentially leverage this vulnerability to gain unauthorized access to sensitive data, disrupt network operations, or launch further attacks. Organizations using Palo Alto firewalls are strongly advised to apply the necessary patches and security updates to mitigate this vulnerability and protect their systems.