Published on: 18 November 2024
Palo Alto has published security advisories to address multiple vulnerabilities in PAN-OS. The detailed information about the vulnerabilities can be found at:
https://security.paloaltonetworks.com/CVE-2024-2550
https://security.paloaltonetworks.com/CVE-2024-2551
https://security.paloaltonetworks.com/CVE-2024-2552
https://security.paloaltonetworks.com/CVE-2024-5917
https://security.paloaltonetworks.com/CVE-2024-5918
https://security.paloaltonetworks.com/CVE-2024-5919
https://security.paloaltonetworks.com/CVE-2024-5920
https://security.paloaltonetworks.com/CVE-2024-9472
https://security.paloaltonetworks.com/PAN-SA-2024-0015
Reports indicated that the unauthenticated remote code execution vulnerability (tracked as PAN-SA-2024-0015 without CVE identifier assigned yet) affecting PAN-OS firewalls against a limited number of management interfaces is being exploited in the wild. System administrators are advised to take immediate actions as recommended by the vendor to mitigate the elevated risk of cyber attacks.
For detailed information of the affected systems or management interfaces that require remediation action, please refer to the corresponding security advisory at vendor's website.
Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, information disclosure, security restriction bypass or spoofing on an affected system.
Patches for affected systems are now available. For detailed information of the available patches, please refer to the section "Solution" of corresponding security advisory at vendor's website.
System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.