
Palo Alto Networks has released patches for five bugs, including a critical missing-authentication flaw that could lead to a complete account takeover.
The vulnerability, tracked as CVE-2024-5910 (CVSS score 9.3), is described as a case of missing authentication in the Expedition migration tool that could lead to an admin account takeover.
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
The next, a high-severity vulnerability tracked as CVE-2024-5911, is a file upload issue in Panorama software that could lead to a denial-of-service condition. Exploitation requires the attacker to be authenticated to the web interface as a read-write administrator.
According to Palo Alto Networks' advisory, repeated attacks eventually cause Panorama to enter maintenance mode, which requires manual intervention to bring it back online.
The company also released patches for two other medium-severity defects, in the Cortex XDR agent and in PAN-OS, that could allow an attacker to run untrusted code on a device and to tamper with the physical file system to elevate privileges, respectively.
Palo Alto Networks also published an advisory for the BlastRADIUS vulnerability, tracked as CVE-2024-3596, which affects PAN-OS firewalls configured to authenticate against a RADIUS server using the CHAP or PAP protocols.
It allows an attacker performing a meddler-in-the-middle attack between the PAN-OS firewall and the RADIUS server to bypass authentication and escalate privileges to ‘superuser’ when RADIUS authentication is in use and either CHAP or PAP is selected in the RADIUS server profile.
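As an added illustration that is not part of the original article and not Palo Alto Networks' code, the Python below shows the two RADIUS checks at issue in CVE-2024-3596: the MD5-based Response Authenticator that a PAP/CHAP client has traditionally relied on (RFC 2865), and the HMAC-MD5 Message-Authenticator attribute (RFC 2869) that the BlastRADIUS mitigation requires on Access-Accept and Access-Reject packets. The shared secret, Request Authenticator and attributes are constructed for the example. The "forged" Access-Accept stands in for the end state of the attack, a packet whose Response Authenticator verifies; the real attack reaches that state through an MD5 chosen-prefix collision rather than with the secret, and that collision step is not reproduced here.

```python
import hashlib
import hmac
import struct

# RADIUS packet codes and attribute types (RFC 2865 / RFC 2869)
ACCESS_ACCEPT = 2
ATTR_USER_NAME = 1
ATTR_MESSAGE_AUTHENTICATOR = 80


def encode_attrs(attrs):
    """Serialise (type, value) pairs as RADIUS type/length/value attributes."""
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)


def build_response(code, ident, request_auth, attrs, secret, with_message_auth):
    """Build an Access-Accept/Reject the way a RADIUS server does.

    With with_message_auth=True the packet carries a Message-Authenticator,
    computed before the Response Authenticator as RFC 2869 requires.
    """
    if with_message_auth:
        attrs = attrs + [(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))]
    body = encode_attrs(attrs)
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    if with_message_auth:
        # HMAC-MD5(secret, Code|ID|Length|RequestAuth|Attributes) with the
        # Message-Authenticator value zeroed; the attribute is last, so its
        # value occupies the final 16 bytes of the body.
        mac = hmac.new(secret, header + request_auth + body, hashlib.md5).digest()
        body = body[:-16] + mac
    # Response Authenticator = MD5(Code|ID|Length|RequestAuth|Attributes|Secret)
    resp_auth = hashlib.md5(header + request_auth + body + secret).digest()
    return header + resp_auth + body


def legacy_check(packet, request_auth, secret):
    """Pre-mitigation client behaviour: trust the MD5 Response Authenticator alone."""
    header, resp_auth, body = packet[:4], packet[4:20], packet[20:]
    expected = hashlib.md5(header + request_auth + body + secret).digest()
    return hmac.compare_digest(expected, resp_auth)


def hardened_check(packet, request_auth, secret):
    """Mitigated behaviour: additionally require and verify Message-Authenticator."""
    if not legacy_check(packet, request_auth, secret):
        return False
    header, body = packet[:4], packet[20:]
    pos = 0
    while pos + 2 <= len(body):
        attr_type, attr_len = body[pos], body[pos + 1]
        if attr_type == ATTR_MESSAGE_AUTHENTICATOR and attr_len == 18:
            received = body[pos + 2:pos + 18]
            zeroed = body[:pos + 2] + bytes(16) + body[pos + 18:]
            mac = hmac.new(secret, header + request_auth + zeroed, hashlib.md5).digest()
            return hmac.compare_digest(mac, received)
        pos += attr_len
    return False  # no Message-Authenticator present: reject the response


def demo():
    """Compare both checks on a genuine and on a stand-in forged Access-Accept."""
    secret = b"constructed-shared-secret"      # constructed for this example
    request_auth = bytes(range(16))            # constructed Request Authenticator
    ident = 7
    attrs = [(ATTR_USER_NAME, b"alice")]
    legit = build_response(ACCESS_ACCEPT, ident, request_auth, attrs, secret, True)
    # Stand-in for the attacker's packet: BlastRADIUS gets a matching Response
    # Authenticator via an MD5 collision; here it is simply built with the
    # secret so that the legacy check passes. No Message-Authenticator, since
    # the attacker cannot compute an HMAC without the secret.
    forged = build_response(ACCESS_ACCEPT, ident, request_auth, attrs, secret, False)
    return {
        "legit_legacy": legacy_check(legit, request_auth, secret),
        "legit_hardened": hardened_check(legit, request_auth, secret),
        "forged_legacy": legacy_check(forged, request_auth, secret),
        "forged_hardened": hardened_check(forged, request_auth, secret),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The contrast is the whole point: the legacy check accepts the forged packet because its MD5 authenticator matches, while the hardened check rejects it because nobody without the secret can produce a valid HMAC-MD5 Message-Authenticator. That is why the mitigation generally adopted for BlastRADIUS is to require and verify that attribute on responses, rather than to change CHAP or PAP themselves.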
Palo Alto Networks has included fixes for the bug in PAN-OS versions 11.1.3, 11.0.4-h4, 10.2.10, 10.1.14, and 9.1.19 and plans to release fixes for Prisma Access by the end of the month.
Palo Alto says it is not aware of any of these vulnerabilities being exploited in the wild.