We turn our vigilance to full – hackers will not miss their chance.
Palo Alto Networks has reported an actively exploited critical zero-day vulnerability in the PAN-OS software used in the GlobalProtect software network gateways.
The vulnerability, identified as CVE-2024-3400, is characterized by the highest threat level with a CVSS rating of 10.0 and allows an unauthorized remote attacker to execute arbitrary code with root privileges.
In a statement, the company notes that the vulnerability affects only certain versions of PAN-OS up to 11.1.2-h3, 11.0.4-h1 and 10.2.9-h1. The fixes themselves are not yet available, but the company plans to release them by April 14.
Volexity, a company specializing in cyber intelligence and incident response, was listed as the organization that discovered and reported the vulnerability.
Palo Alto Networks said that it is aware of several cases of using this vulnerability to conduct real attacks, but specific details and data about hackers are not disclosed.
As a temporary security measure, the company recommends that customers with a Threat Prevention subscription enable Threat ID 95187 to protect against this threat.
Palo Alto Networks has reported an actively exploited critical zero-day vulnerability in the PAN-OS software used in the GlobalProtect software network gateways.
The vulnerability, identified as CVE-2024-3400, is characterized by the highest threat level with a CVSS rating of 10.0 and allows an unauthorized remote attacker to execute arbitrary code with root privileges.
In a statement, the company notes that the vulnerability affects only certain versions of PAN-OS up to 11.1.2-h3, 11.0.4-h1 and 10.2.9-h1. The fixes themselves are not yet available, but the company plans to release them by April 14.
Volexity, a company specializing in cyber intelligence and incident response, was listed as the organization that discovered and reported the vulnerability.
Palo Alto Networks said that it is aware of several cases of using this vulnerability to conduct real attacks, but specific details and data about hackers are not disclosed.
As a temporary security measure, the company recommends that customers with a Threat Prevention subscription enable Threat ID 95187 to protect against this threat.
