- Description
- An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. Please subscribe to our RSS feed https://security.paloaltonetworks.com/rss.xml to be alerted to new updates to this and other advisories.
- Source
- psirt@paloaltonetworks.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
- Severity
- HIGH
- psirt@paloaltonetworks.com
- CWE-295
- Hype score
- Not currently trending
#ITSecurity Researchers reveal exploitable flaws in corporate VPN clients Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute…
@seaarepea
1 Dec 2024
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-5921 NachoVPN 🌮🔒 NachoVPN is a Proof of Concept that demonstrates exploitation of SSL-VPN clients, using a rogue VPN server. It uses a plugin-based architecture so tha... https://t.co/AfCpMUqM55
@VulmonFeeds
27 Nov 2024
54 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
What's the threat landscape like today? CVE-2024-5921 (Palo Alto GlobalProtect) received the most buzz in the past 24hrs, but with a hype score of 5/100, it's pretty quiet out there. Stay ahead with Intel: https://t.co/hcp5zGfOeZ #CVE #CyberSecurity https://t.co/AIxzVq6fY3
@intruder_io
27 Nov 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: New NachoVPN attack uses rogue VPN servers to install malicious updates CVE-2024-29014 CVE-2024-5921 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/9cTrCvs1qO #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
27 Nov 2024
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
パロアルトネットワークス社とSonicWallのVPNにおける悪用可能な脆弱性が開示された。CVE-2024-5921はパロアルト社GlobalProtectの各クライアントを任意のサーバに接続させることができ、悪意あるroot証明書の導入につながる可能性。 https://t.co/eKoOCRikrx CVE-2024-29014はSoniWallのNetExtender… https://t.co/44w8DfJOoL
@__kokumoto
26 Nov 2024
3556 Impressions
16 Retweets
53 Likes
9 Bookmarks
1 Reply
0 Quotes
Today, AmberWolf released two blog posts and our tool "NachoVPN" to target vulnerabilities in major VPNs, including CVE-2024-29014 (SonicWall NetExtender SYSTEM RCE) and CVE-2024-5921 (Palo Alto GlobalProtect RCE and Priv Esc), after our SANS HackFest presentation.🧵
@AmberWolfSec
26 Nov 2024
6980 Impressions
24 Retweets
47 Likes
13 Bookmarks
1 Reply
2 Quotes
⚠️⚠️ CVE-2024-5921: Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code Could allow attackers to install malicious software on endpoints. 🎯1.4m+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link:https://t.co/BMfEoFXjS9 FOFA… htt
@fofabot
26 Nov 2024
896 Impressions
0 Retweets
7 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2024-5921 GlobalProtect App 証明書検証が不十分な問題により、攻撃者がGlobalProtect Appを任意のサーバーに接続できる可能性 この脆弱性を悪用されると、攻撃者が悪意のあるソフトウェアを署名し、エンドポイントにインストールするリスクが生じます。早急に対応することを推奨します。 https://t.co/b6t71M4ikM
@t_nihonmatsu
26 Nov 2024
415 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921) https://t.co/cp2ag07G1Y
@Dinosn
26 Nov 2024
2659 Impressions
9 Retweets
27 Likes
5 Bookmarks
0 Replies
0 Quotes