Menu Close

Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS CVE-2024-3400 – TLP: CLEAR

Palo Alto Networks has released PAN-OS updates to mitigate this vulnerability. Those operating PAN-OS 10.2, 11.0 and 11.1 must review the updated advisory and take any required action:

 

Palo Alto Networks Security Advisory

 

Thank you,

Robert

 

From: Robert Berlinger
Sent: Friday, April 12, 2024 2:35 PM
To: cuny-infosec-annc@listserv.cuny.edu
Subject: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS CVE-2024-3400 – TLP: CLEAR
Importance: High

 

[ To reiterate, not an issue for those running PAN-OS 10.1.X, but if other take immediate action in response. – Robert ]

 

TLP: CLEAR

 

 

Palo Alto Networks has released workaround guidance for a command injection vulnerability (CVE-2024-3400) affecting PAN-OS versions 10.2, 11.0, and 11.1. Palo Alto Networks has reported active exploitation of this vulnerability in the wild. 

 

CISA encourages users and administrators to review the Palo Alto Networks Security Advisory, apply the current mitigations, and update the affected software when Palo Alto Networks makes the fixes available. 

 

CISA has also added this vulnerability to its Known Exploited Vulnerabilities Catalog.

 

 

Multi-State Information Sharing and Analysis Center (MS-ISAC)

Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)

31 Tech Valley Drive

East Greenbush, NY 12061

 

24×7 Security Operations Center

SOC@cisecurity.org – 1-866-787-4722

                 

 

TLP: CLEAR

https://www.cisa.gov/tlp

Information may be distributed without restriction, subject to standard copyright rules.