Critical Firewall Zero-Day Being Actively Exploited, Palo Alto Networks Urges Patching

Palo Alto Networks disclosed a critical PAN-OS firewall zero-day (CVE-2024-3400) being actively exploited in attacks. It has a CVSS score of 10.0.

The vulnerability affects PAN-OS versions 10.2, 11.0, and 11.1 when GlobalProtect and device telemetry features are enabled.

Hotfixes will be released by April 14. Affected versions are 10.2.9-h1, 11.0.4-h1, and 11.1.2-h3.

Immediate mitigations proposed are activating Threat ID 95187, ensuring vulnerability protection on GlobalProtect, and disabling device telemetry.

CISA added it to its Known Exploited Vulnerabilities catalog, setting the federal agency patching deadline to April 19, 2024.