Saturday, November 23, 2024
Latest:

Palo Alto Networks Warns Of Important PAN-OS Distant Code Execution Vulnerability

[ad_1]

Palo Alto Networks Warns Of Critical PAN-OS Remote Code Execution Vulnerability

Palo Alto Networks has issued an pressing warning a couple of potential vital distant code execution (RCE) vulnerability affecting the administration interface of their PAN-OS next-generation firewalls.

The cybersecurity firm has suggested prospects to take quick protecting measures whereas investigating the reported safety flaw.


SIEM as a Service

The vulnerability explicitly targets the PAN-OS administration interface, although the corporate has said that neither Prisma Entry nor cloud NGFW options are believed to be affected.

Whereas particular particulars in regards to the vulnerability are nonetheless underneath investigation, Palo Alto Networks has confirmed they’re actively monitoring for any indicators of exploitation.

Managed Detection and Response Purchaser’s Information – Free Download (PDF)

The corporate has outlined a number of vital safety measures for purchasers:

  • Block all Web entry to the PAN-OS administration interface.
  • Enable connections solely from trusted inner IP addresses.
  • Isolate the administration interface on a devoted administration VLAN.
  • Implement leap servers for administration entry.
  • Prohibit communication to safe protocols like SSH and HTTPS.

Palo Alto Networks studies no detected indicators of energetic exploitation of this vulnerability.

Nevertheless, this announcement comes amid ongoing issues about firewall security, as the corporate lately addressed one other vital vulnerability (CVE-2024-5910) that was being actively exploited within the wild.

Safety operations groups are suggested to constantly monitor logs and implement real-time incident alerts for suspicious actions.

The corporate emphasizes that prospects following their really helpful greatest apply deployment tips for administration interface entry are at considerably decrease danger.

Palo Alto Networks continues investigating the vulnerability and has promised to supply updates as extra data turns into out there.

Run non-public, Actual-time Malware Evaluation in each Home windows & Linux VMs. Get a 14-day free trial with ANY.RUN!

[ad_2]

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *