A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

Advisory No: TZCERT/SA/2024/04/15

Date of First Release: 15th April 2024

Source: Palo Alto

Software Affected: PAN-OS versions 10.2, 11.0, and 11.1

Overview:

Palo Alto’s PAN-OS is affected by the critical command injection vulnerability. The vulnerabilities may allow an attacker to execute arbitrary code with root privileges on the firewall.

Description:

GlobalProtect, a feature in PAN-OS is affected by a vulnerability tracked as CVE-2024-3400. GlobalProtect provides a complete infrastructure for managing your mobile workforce to enable secure access for all your users, regardless of what endpoints they are using or where they are located. According to the Volexity investigation team, after gaining access the attacker installs a custom Python backdoor named “UPSTYLE”, on the firewall. The UPSTYLE backdoor allows the attacker to execute additional commands on the device via specially crafted network requests.

Impact:

Successful exploitation of this vulnerability may allow an unauthenticated attacker to take control of the affected system.

Solution:

Palo Alto has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

  1. https://security.paloaltonetworks.com/CVE-2024-3400
  2. https://unit42.paloaltonetworks.com/cve-2024-3400/

Check Also

Remote Code Execution Vulnerabilities in IBM Operational Decision Manager, and IBM i Modernization Engine for Lifecycle Integration (CVE-2019-19919, CVE-2019-12384)

Advisory No: TZCERT/SA/2024/05/17-6 Date of First Release: 17th May 2024 Source: IBM Software Affected: IBM …