401/67 Tuesday, November 12, 2024
Palo Alto Networks has issued an urgent alert for customers to review the security settings of the PAN-OS management interface following the discovery of a potential Remote Code Execution (RCE) vulnerability that could be exploited. Although the source of the allegations remains unclear, the company is closely monitoring the situation. At this time, no evidence of actual zero-day attacks has been found.
The company stated that while there is currently no concrete information about the vulnerability or Indicators of Compromise (IoCs), securing the management interface from internet access significantly reduces the risk. It is recommended to restrict access solely to trusted internal IPs. The company’s Prisma Access and cloud NGFW solutions are not affected by this issue.
Recently, CISA added the vulnerability identified in Palo Alto Networks’ Expedition tool (CVE-2024-5910) to its Known Exploited Vulnerabilities Catalog. This vulnerability was patched in July, and while technical details were released in October, there have been no indications of active exploitation at this time.