Palo Alto Firewall Fiasco: Thousands Compromised Despite Fewer Vulnerabilities

Roughly 2,000 Palo Alto Networks firewalls have been compromised due to a PAN-OS zero-day vulnerability. The critical flaw, CVE-2024-0012, allows attackers to gain admin privileges. Patches are available, but the threat persists, especially for devices with exposed management interfaces. Most affected are located in the US and India. Stay vigilant!

3P
Published: November 21, 2024 4:26 pmAdded: November 21, 2024 at 9:02 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like hackers are having a field day playing ‘Capture the Firewall’ with Palo Alto Networks’ firewalls. Who knew that the latest viral trend would involve zero-days and admin privileges? It’s a shame the firewalls didn’t come with an “Unhackable” badge as a default setting!

Key Points:

  • Palo Alto Networks confirmed two exploited vulnerabilities: CVE-2024-0012 and CVE-2024-9474.
  • Approximately 2,000 firewalls have been compromised, with most cases in the US and India.
  • Patches have been released for PAN-OS versions 11.2, 11.1, 11.0, 10.2, and 10.1.
  • Hackers are using these vulnerabilities to gain admin and root privileges.
  • Security firms are urging to secure management interfaces and monitor for indicators of compromise (IoCs).

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?