Palo Alto Networks PAN-OS Command Injection Vulnerability

Added April 12, 2024 • Due April 19, 2024 • CVE-2024-3400

Overdue Palo Alto Networks / PAN-OS CWE-20 CWE-77

Description

Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.

Required Action

Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.

References

https://security.paloaltonetworks.com/CVE-2024-3400
https://nvd.nist.gov/vuln/detail/CVE-2024-3400

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 7 months, 2 weeks ago