Islamabad, Aug 22: PTA has released a cyber security alert titled “Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack”.
The alert draws attention to a serious flaw in Palo Alto Networks’ PAN-OS software, which is extensively used in GlobalProtect gateways. The flaw is tracked as CVE-2024-3400. It puts systems running this software at serious risk by enabling unauthenticated attackers to run arbitrary code on the compromised firewalls with root privileges.
The advisory states that the vulnerability affects certain PAN-OS versions, namely 11.1.2-h3, 11.0.4-h1, and 10.2.9-h1. On April 14, 2024, Palo Alto Networks is anticipated to release crucial updates for these vulnerabilities. It is recommended that organizations using these software versions take immediate security measures to reduce the possibility of exploitation.
PTA advises customers who subscribe to Threat Prevention to activate Threat ID 95187 as a preventative measure against possible exploitation of this vulnerability. The advisory further suggests carefully reviewing the GlobalProtect gateway and device telemetry configurations to make sure that only required functionalities are enabled.
The advisory stresses the use of intrusion detection systems and ongoing monitoring as ways to spot any unusual activity that might point to an exploitation attempt.
To further lessen the impact of any potential attacks, the PTA suggests implementing the principle of least privilege and limiting access to firewalls that are compromised. To address new threats and vulnerabilities as they arise, organizations are also urged to stay up to speed on security warnings and patches issued by Palo Alto Networks.
PTA asks that any events involving this vulnerability be reported by email or through the PTA CERT Portal. PTA asserts that prompt risk reduction and the protection of Pakistan’s cyber infrastructure depend on this proactive communication.