Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors.
The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software.
“In the first one, the GlobalProtect service did not sufficiently validate the session ID format before storing them. This enabled the attacker to store an empty file with the attacker’s chosen filename,” Chandan B. N., senior director of product security at Palo Alto Networks, said.
“The second bug (trusting that the files were system-generated) used the filenames as part of a command.”
It’s worth noting that while neither of the issues are critical enough on their own, when chained together, they could lead to unauthenticated remote shell command execution.
Palo Alto Networks said that the threat actor behind the zero-day exploitation of the flaw, UTA0218, carried out a two-stage attack to achieve command execution on susceptible devices. The activity is being tracked under the name Operation MidnightEclipse.
As previously disclosed by both Volexity and the…
Source thehackernews.com
Terms of use and third-party services. More here.
Ad Amazon Minecraft Clothing, toys, and accessories.
Ad Amazon Gaming Laptops, clothing, games and more
Ad Amazon MUSIC Artists Merch Shop
Stay connected throughout the year with official, ongoing Microsoft podcasts.
Microsoft Podcasts Apple | Microsoft podcasts YouTube
Soccer | NFL | NBA | Ads. Amazon
Sports Fan Rings | Sports Fan Football | Sports Fan Jerseys | Sports Fan T-Shirts | Sports Fan Shoes | Sports Fan Jewelry | Puffer Jackets |