CVE ID
CVE-2024-0012
Vulnerability Name
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
- Project: Palo Alto Networks
- Product: PAN-OS
Date
- Date Added: 2024-11-18
- Due Date: 2024-12-09
Description
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, management interface for affected devices should not be exposed to untrusted networks, including the internet.
Additional Notes
https://security.paloaltonetworks.com/CVE-2024-0012 ; https://nvd.nist.gov/vuln/detail/CVE-2024-0012
Related Security News
- Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
- Attackers are chaining flaws to breach Palo Alto Networks firewalls
- Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware
- Chinese espionage tools deployed in RA World ransomware attack
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset
- Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)
- Over 2,000 Palo Alto firewalls hacked using recently patched bugs
- Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
- CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
Top comments (0)