Palo Alto Security Flaw Warned by TeamT5
Urgent Action Recommended to Mitigate CVE-2024-3400 Vulnerability in Palo Alto Networks Firewalls
A critical vulnerability, CVE-2024-3400, has been identified in the GlobalProtect portals of Palo Alto Networks PAN-OS software. It allows unauthenticated threat actors to execute arbitrary code and deploy malware with root privileges. Since March 2024, threat actors have been actively exploiting this vulnerability.
According to Palo Alto Networks, the affected products are PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both). The company has confirmed attack attempts that exploited the vulnerability and has released an official mitigation advisory.
The exploitation of CVE-2024-3400 requires the GlobalProtect gateway or portal to be enabled. Public reports have revealed that state actors have exploited this vulnerability in attacks. At least two APT groups, including China-nexus APT SLIME60 and a newly identified APT group, SLIME61, have been involved in the exploitation of CVE-2024-3400.
To mitigate CVE-2024-3400, Palo Alto Networks recommends that customers upgrade their PAN-OS software to the corresponding patched version. The vulnerability is patched in PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and all later PAN-OS versions.
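The version triage described above, as an added example that is not from TeamT5 or Palo Alto Networks: it classifies a firewall inventory using only the affected branches and fixed releases named in this article, plus whether GlobalProtect is enabled. It assumes "later" means a higher maintenance or hotfix number within the same branch, so hotfixes for earlier maintenance releases, which the article does not list, are reported as needing an upgrade; the hostnames and inventory rows are constructed.

```python
import re

# Fixed releases as stated in the article: branch -> (maintenance, hotfix).
FIXED = {(10, 2): (9, 1), (11, 0): (4, 1), (11, 1): (2, 3)}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_panos(version):
    """Parse 'major.minor.maint[-hN]' into ((major, minor), (maint, hotfix))."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    major, minor, maint = int(m[1]), int(m[2]), int(m[3])
    hotfix = int(m[4]) if m[4] else 0  # no -hN suffix sorts before -h1
    return (major, minor), (maint, hotfix)

def triage(version, globalprotect_enabled):
    """Classify one firewall against the article's affected and fixed versions."""
    branch, build = parse_panos(version)
    if branch not in FIXED:
        return "not-listed"  # branch is not named as affected in the article
    if build >= FIXED[branch]:
        return "patched"
    # Exploitation requires a GlobalProtect gateway or portal to be enabled,
    # so exposed devices go first; the rest still need the upgrade.
    return "vulnerable-exposed" if globalprotect_enabled else "vulnerable-upgrade"

def triage_inventory(rows):
    """rows: iterable of (hostname, version, globalprotect_enabled)."""
    report = {}
    for host, version, gp_enabled in rows:
        try:
            report[host] = triage(version, gp_enabled)
        except ValueError:
            report[host] = "unparsed"  # surface bad data instead of skipping it
    return report

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("fw-edge-01", "10.2.9", True),
    ("fw-edge-02", "10.2.9-h1", True),
    ("fw-dc-01", "11.1.2-h2", False),
    ("fw-dc-02", "11.1.3", True),
    ("fw-lab-01", "9.1.16", True),
    ("fw-lab-02", "11.0.x", True),
]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE).items():
        print(f"{host:12} {status}")
```

Device telemetry state is deliberately not an input, since disabling it does not mitigate the vulnerability.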
TeamT5 has also released mitigation and response guidelines for CVE-2024-3400, as well as a possible attack scenario based on the exploitation status. Disabling device telemetry is not an effective mitigation against exploitation of CVE-2024-3400. Proof-of-concept exploits for CVE-2024-3400 have been circulating in the wild.
The SLIME60-APT group was actively exploiting the CVE-2024-3400 vulnerability in Palo Alto Networks PAN-OS software starting in April 2024, while the newly identified SLIME61-APT group began exploitation activity in July 2024.
In light of these developments, it is crucial for users of affected products to take urgent action to upgrade their PAN-OS software and implement the recommended mitigation measures to protect their systems from potential attacks.