Published on: 12 July 2024
Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS, Expedition and Cortex XDR Agent. The detailed information about the vulnerabilities can be found at:
https://security.paloaltonetworks.com/CVE-2024-3596
https://security.paloaltonetworks.com/CVE-2024-5910
https://security.paloaltonetworks.com/CVE-2024-5911
https://security.paloaltonetworks.com/CVE-2024-5912
https://security.paloaltonetworks.com/CVE-2024-5913
Palo Alto indicates that the proof-of-concept (PoC) code for the privilege escalation vulnerability (CVE-2024-3596) affecting PAN-OS firewalls with the configurations using either CHAP or PAP as the authentication protocol for a RADIUS server is publicly available. PAP differs from EAP-TTLS with PAP, which is not vulnerable to this attack. In addition, another privilege escalation vulnerability (CVE-2024-5910) affecting Expedition is also at a high risk of exploitation. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.
For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.
Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, privilege escalation, security restriction bypass or tampering on an affected system.
Patches for affected systems are now available. For detailed information of the available patches, please refer to the section "Solution" of corresponding security advisory at vendor's website.
System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.