Tag: CVE-2024-0012

3 Attack Reports | 1 Vulnerabilities

Attack reports

Threat Campaign Targeting Palo Alto Networks Firewall Devices Observed

Arctic Wolf has identified multiple intrusions across various industries involving Palo Alto Network firewall devices. The attacks likely exploit recently disclosed PAN-OS vulnerabilities CVE-2024-0012 and CVE-2024-9474 for initial access. Affected devices downloaded payloads including the Sliver C…
xmrig
data exfiltration
vulnerability exploitation
webshells
CVE-2024-0012
CVE-2024-9474
2024-11-25
sliver c2
palo alto networks
Published: November 25, 2024
Downloadable IOCs: 14

November 18 Advisory: Active Exploitation of Critical RCE in Palo Alto Networks PAN-OS [CVE-2024-0012 and CVE-2024-9474]

Two critical vulnerabilities in Palo Alto Networks PAN-OS, CVE-2024-0012 and CVE-2024-9474, have been disclosed. CVE-2024-0012 is an authentication bypass allowing unauthenticated remote attackers to gain admin privileges, while CVE-2024-9474 is an authenticated privilege escalation bug. These can …
vpn
privilege escalation
2024-11-18
CVE-2024-0012
CVE-2024-9474
rce
authentication bypass
pan-os
critical vulnerability
Published: November 18, 2024
Downloadable IOCs: 0

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012

A critical authentication bypass vulnerability (CVE-2024-0012) in Palo Alto Networks PAN-OS software allows unauthenticated attackers to gain administrator privileges on affected devices. The issue affects PAN-OS versions 10.2, 11.0, 11.1, and 11.2, but not Cloud NGFW or Prisma Access. Limited expl…
vpn
privilege escalation
webshell
2024-11-18
CVE-2024-0012
CVE-2024-9474
authentication bypass
pan-os
Published: November 18, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-0012

9.8
    Paloaltonetworks
  • Pan-Os
Published: November 18, 2024
Click here to see more Vulnerabilities