November 18 Advisory: Active Exploitation of Critical RCE in Palo Alto Networks PAN-OS [CVE-2024-0012 and CVE-2024-9474]
Nov. 19, 2024, 9:34 a.m.
Tags
External References
Description
Two critical vulnerabilities in Palo Alto Networks PAN-OS, CVE-2024-0012 and CVE-2024-9474, have been disclosed. CVE-2024-0012 is an authentication bypass allowing unauthenticated remote attackers to gain admin privileges, while CVE-2024-9474 is an authenticated privilege escalation bug. These can be chained for full system compromise. Active exploitation has been observed for CVE-2024-0012. Affected versions include PAN-OS 10.2, 11.0, 11.1, and 11.2. Patches are available, and organizations are urged to update immediately. Censys identified 13,324 publicly exposed NGFW management interfaces, with 34% in the US. Limiting public exposure and upgrading to PAN-OS 10.2 or later is recommended.
Date
Published: Nov. 18, 2024, 7:19 p.m.
Created: Nov. 18, 2024, 7:19 p.m.
Modified: Nov. 19, 2024, 9:34 a.m.
Attack Patterns
T1505.003
T1016
T1082
T1105
T1083
T1190
T1133
T1078
T1068
Additional Informations
Energy
Finance
Government
United States of America