Palo Alto Networks Reveals Further Information About Critical PAN-OS Vulnerability Being Exploited

Published:

spot_img

Critical Exploitation of PAN-OS Security Flaw by Malicious Actors

In a recent report, Palo Alto Networks disclosed a critical security flaw in PAN-OS software that is being actively exploited by cybercriminals. The vulnerability, known as CVE-2024-3400 with a CVSS score of 10.0, is a sophisticated combination of two bugs in PAN-OS versions 10.2, 11.0, and 11.1.

According to Chandan B. N., a senior director at Palo Alto Networks, the first bug allowed attackers to store an empty file with a chosen filename, while the second bug used these filenames to execute commands. When exploited together, these bugs could lead to unauthenticated remote shell command execution.

The threat actor behind the exploitation, identified as UTA0218, conducted a two-stage attack named Operation MidnightEclipse. They utilized a backdoor called UPSTYLE to run specially crafted commands on vulnerable devices.

Palo Alto Networks has released patches for the flaw in several commonly deployed maintenance releases to mitigate the threat. However, recent findings from Bishop Fox revealed that the flaw could be weaponized without requiring telemetry to be enabled on a device.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has listed the vulnerability in its Known Exploited Vulnerabilities catalog, urging federal agencies to secure their devices promptly. The Shadowserver Foundation also highlighted that approximately 22,542 internet-exposed firewall devices are at risk, with a majority located in the U.S., Japan, India, Germany, the U.K., Canada, Australia, France, and China.

Users are advised to apply the provided hotfixes immediately to protect their systems from potential threats. Stay tuned for more updates on this evolving cybersecurity issue.

spot_img

Related articles

Recent articles

Four Arrested in Assam’s Hailakandi for Cyber Fraud Tied to Chinese Betting Syndicate

Four Arrested in Assam's Hailakandi for Cyber Fraud Tied to Chinese Betting Syndicate In a significant crackdown on cybercrime, Hailakandi Police in Assam have apprehended...

Arista Properties Strengthens UAE’s Future with Groundbreaking of HQ Development

Arista Properties Strengthens UAE's Future with Groundbreaking of HQ Development Dubai, UAE – Arista Properties has officially commenced construction on its flagship commercial project, HQ,...

Agentic AI Powers Ransomware Attack Exploiting Critical Langflow Vulnerability

Agentic AI Powers Ransomware Attack Exploiting Critical Langflow Vulnerability A recent incident has highlighted the growing sophistication of cyber threats, as a threat actor exploited...

Hong Kong Strengthens Global Status by Hosting 108th Lions International Convention with 17,000 Delegates

Hong Kong Strengthens Global Status by Hosting 108th Lions International Convention with 17,000 Delegates HONG KONG SAR - The Hong Kong Tourism Board has confirmed...