Man
Professional
- Messages
- 3,067
- Reaction score
- 597
- Points
- 113
The company calls for an urgent review of the settings for access to the management system.
Palo Alto Networks has published an important information notice PAN-SA-2024-0015 regarding the security of PAN-OS-based device management. A potential vulnerability that allows remote execution of arbitrary code (RCE) has been reported. At the moment, the specific details of the vulnerability have not been disclosed, as the company has not yet discovered it. Nevertheless, experts continue to monitor for possible attempts at exploitation.
Palo Alto Networks strongly recommends that customers check their management interface access settings. It is important that access is limited to only trusted internal IP addresses and excludes access to the Internet. This is in line with the best practices for setting up security for both the company and the entire industry.
Palo Alto emphasizes that Prisma Access devices and cloud-based NGFWs are not affected by this issue. However, hardware that is not configured to meet recommended requirements may be at increased risk.
To check the security of their devices, users are instructed to go to the Assets section of the support portal. If the device has a vulnerable interface, it will be tagged with PAN-SA-2024-0015. If no such devices are detected, it means that the scan did not detect any problems.
To date, there have been no confirmations of attempts to exploit the vulnerability. However, Palo Alto Networks promises to promptly update information if the situation changes. For notifications of possible changes, customers can subscribe to the company's RSS feed or set up email notifications in the support portal.
Also, if the management interface is configured according to the recommendations, no additional action is required. For customers using Cortex Xpanse and Cortex XSIAM modules, external interface monitoring tools are available.
At the moment, the company continues to analyze the situation and is ready to develop new solutions to the problem if there is a need for additional protection measures.
Source
Palo Alto Networks has published an important information notice PAN-SA-2024-0015 regarding the security of PAN-OS-based device management. A potential vulnerability that allows remote execution of arbitrary code (RCE) has been reported. At the moment, the specific details of the vulnerability have not been disclosed, as the company has not yet discovered it. Nevertheless, experts continue to monitor for possible attempts at exploitation.
Palo Alto Networks strongly recommends that customers check their management interface access settings. It is important that access is limited to only trusted internal IP addresses and excludes access to the Internet. This is in line with the best practices for setting up security for both the company and the entire industry.
Palo Alto emphasizes that Prisma Access devices and cloud-based NGFWs are not affected by this issue. However, hardware that is not configured to meet recommended requirements may be at increased risk.
To check the security of their devices, users are instructed to go to the Assets section of the support portal. If the device has a vulnerable interface, it will be tagged with PAN-SA-2024-0015. If no such devices are detected, it means that the scan did not detect any problems.
To date, there have been no confirmations of attempts to exploit the vulnerability. However, Palo Alto Networks promises to promptly update information if the situation changes. For notifications of possible changes, customers can subscribe to the company's RSS feed or set up email notifications in the support portal.
Also, if the management interface is configured according to the recommendations, no additional action is required. For customers using Cortex Xpanse and Cortex XSIAM modules, external interface monitoring tools are available.
At the moment, the company continues to analyze the situation and is ready to develop new solutions to the problem if there is a need for additional protection measures.
Source
