This flaw, CVE-2024-3400 [CVSS 10], allows unauthenticated attackers to execute arbitrary code with root privileges on affected devices. The vulnerability impacts PAN-OS versions 10.2, 11.0, and 11.1 on firewalls. It uses either GlobalProtect gateway, portal, or both, with device telemetry enabled. While the exact commands remain unknown, that the attackers attempted to install a secondary, Python-based backdoor on compromised devices.
You Might Be Interested In
- CVE-2024-3094 [CVSS 10] : Supply Chain Compromise, Impacting XZ Utils Data
- LockBit Maintains Relevance with Latest Update
- Report Criticizes Microsoft: Security Missteps in Chinese Cyberattack
- Europcar Says 50 Million Users Data Breach is False
- AT&T Admits 73 Million Customers’ Data Breached
- CISA Exploited Vulnerabilities Catalog Lists Fortinet and Ivanti Flaws