- Knowledge Base
- Security Announcements
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
Critical Vulnerability in Palo Alto: OS Command Injection (CVE-2024-3400)
Palo Alto Networks has warned about a critical flaw within its PAN-OS software in its GlobalProtect gateways.
A command injection vulnerability in Palo Alto Networks PAN-OS software may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
The zero-day vulnerability has a CVSS score of 10.0, with fixes expected to be released on 14 April.
The vulnerability specifically impacts firewalls with the GlobalProtect gateway and device telemetry configurations enabled.
Holm Security is monitoring the situation closely and has started developing coverage for the newly disclosed vulnerability.
2024-04-12 Initial discovery and coverage:
Holm Security has developed a vulnerability test to check if a vulnerable version is present in the host:
-
HID-2-1-5357082 PAN-OS Command Injection Vulnerability (CVE-2024-3400)
The article will be regularly updated with the latest developments on this vulnerability.
Find out if you are vulnerable
To find out if your environment is vulnerable. You can create a scan profile that specifically looks for the mentioned vulnerabilities.
https://support.holmsecurity.com/knowledge/how-do-i-include-or-exclude-a-specific-vulnerability-in-a-scan