Critical Alert: Hackers Actively Weaponizing Two High-Severity Palo Alto Flaws, CISA Warns

Critical Alert: Hackers Actively Weaponizing Two High-Severity Palo Alto Flaws, CISA Warns

CISA Issues Critical Alert: New Palo Alto Networks Vulnerabilities Under Active Exploitation

Key Points:

– CISA has identified two new critical vulnerabilities in Palo Alto Networks Expedition software:

1. CVE-2024-9463 (CVSS: 9.9) – OS Command Injection

2. CVE-2024-9465 (CVSS: 9.3) – SQL Injection

Security Impact:

– Unauthorized attackers can:

– Execute root-level OS commands

– Access database contents

– Steal usernames, passwords, and API keys

– Manipulate device configurations

– Create/read files on vulnerable systems

Critical Actions:

– Federal agencies must apply patches by December 5, 2024

– Palo Alto Networks released security updates on October 9, 2024

– Organizations should immediately secure firewall management interfaces exposed to the internet

Additional Concerns:

– A third vulnerability (CVE-2024-5910, CVSS: 9.3) was reported last week

– Palo Alto Networks confirmed limited attacks targeting firewall management interfaces

– The company is developing additional security fixes and threat prevention signatures

This situation requires immediate attention from system administrators and security teams to implement necessary patches and security measures.

Share This Article