Posted 4/15/2024, 12:59:27 PM

Palo Alto Networks Patches Severe PAN-OS Vulnerability Exploited to Backdoor Firewalls

Palo Alto Networks patched a severe zero-day vulnerability (CVE-2024-3400) exploited since March to backdoor PAN-OS firewalls
Flaw impacts PAN-OS 10.2, 11.0, 11.1; allows unauthenticated remote code execution
Limited attacks seen exploiting flaw to install Python backdoor, breach networks
Over 82,000 exposed PAN-OS devices found vulnerable; 40% in the United States
CISA orders federal agencies to apply fixes or disable telemetry due to active exploitation

bleepingcomputer.com