CISA adds vulnerabilities in Progress Kemp LoadMaster, Palo Alto Networks PAN-OS, and Expedition to its Known Exploited Vulnerabilities (KEV) catalog.

415/67 Thursday, November 21, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The details of the vulnerabilities are as follows:

  • CVE-2024-1212: An OS Command Injection vulnerability in Progress Kemp LoadMaster allows unauthenticated attackers to execute arbitrary system commands, posing a significant security risk.
  • CVE-2024-0012: A vulnerability in Palo Alto Networks PAN-OS permits attackers with access to the web management interface to bypass authentication and gain unauthorized administrator privileges. This allows them to modify system settings or exploit additional vulnerabilities, such as CVE-2024-9474, for further attacks. Affected versions include PAN-OS 10.2, 11.0, 11.1, and 11.2. However, Cloud NGFW and Prisma Access are not impacted.
  • CVE-2024-9474: A privilege escalation vulnerability in Palo Alto Networks PAN-OS enables PAN-OS administrators with management interface access to execute commands with root privileges on the firewall.

To mitigate these risks, agencies under the Federal Civilian Executive Branch (FCEB) are required to address these vulnerabilities within a specified timeframe. CISA has mandated that federal agencies remediate these vulnerabilities by December 5, 2024, to prevent potential exploitation.

Source https://securityaffairs.com/171168/security/u-s-cisa-progress-kemp-loadmaster-palo-alto-networks-pan-os-and-expedition-bugs-known-exploited-vulnerabilities-catalog.html