About:
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify as the highest severity level and that warrant out-of-band emergency patching or mitigation action.
VULNERABILITIES
PAN-OS Management Interface Remote Code Execution Vulnerability
CVSS Score: 9.8 (Critical)
Identifier: PAN-SA-2024-0015 (No CVE assigned)
Exploit or POC: Yes, this vulnerability is actively exploited in the wild.
Update: PAN-SA-2024-0015 – Palo Alto Networks Security Advisory
Description: PAN-SA-2024-0015 is a critical vulnerability affecting the management interface of PAN-OS, which is used in Palo Alto Networks' firewall products. The flaw allows remote attackers to execute arbitrary code on vulnerable devices. Exploitation of this vulnerability could result in unauthorized access, system compromise, and potential data breaches. Palo Alto Networks has observed limited exploitation of this vulnerability targeting devices with management interfaces exposed to the Internet.
Mitigation Recommendation: Restrict access to the management interface to trusted internal IP addresses and ensure it is not accessible from the Internet. Follow Palo Alto Networks' best practice deployment guidelines and apply any updates or patches as recommended in the official advisory. Immediate action is strongly advised to prevent further exploitation. For detailed guidance, refer to the Palo Alto Networks Security Advisory https://security.paloaltonetworks.com/PAN-SA-2024-0015.