CVE-2024-3400This vulnerability is part of CISA's Known Exploited Vulnerabilities (KEV) catalog, indicating active exploitation in the wild. It has been observed in ransomware campaigns.
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.
Palo Alto Networks
PAN-OS
See vendor advisoryThis vulnerability was identified in PAN-OS by Palo Alto Networks. Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.
High - Known ransomware exploitation
Complete system compromise possible
https://security.paloaltonetworks.com/CVE-2024-3400 ; https://nvd.nist.gov/vuln/detail/CVE-2024-3400
Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.
Due Date: 4/19/2024