PaloAlto – Page 2 – TheCyberThrone

Google Released PoC for CVE-2025-0110 PAN OS Flaw

Google's Project Zero and Mandiant cybersecurity teams have jointly released a proof-of-concept (PoC) exploit for a significant security vulnerability identified in Palo Alto Networks' PAN-OS OpenConfig plugin. This vulnerability, tracked…

PravinKarthik February 23, 2025

CISA Adds Palo Alto and SonicWall Vulnerabilities to KEV

The Cybersecurity and Infrastructure Security Agency (CISA) has recently identified and added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities, affecting Palo Alto Networks' PAN-OS and…

PravinKarthik February 19, 2025

CVE-2025-0108 impacts PaloAlto PAN-OS

CVE-2025-0108 is a high-severity vulnerability affecting Palo Alto Networks PAN-OS software. Description CVE-2025-0108 is an authentication bypass vulnerability in the PAN-OS management web interface. This flaw allows an unauthenticated attacker…

PravinKarthik February 13, 2025

CVE-2025-0107 PoC Exploit Code Released for PaloAlto Flaw

Background: CVE-2025-0107 is a critical OS command injection vulnerability discovered in Palo Alto Networks' Expedition Tool, version 1.2.101 and earlier. Recently, security researchers released a Proof-of-Concept (PoC) exploit code, which…

PravinKarthik January 19, 2025

CISA adds PaloAlto CVE-2024-3393 to its KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) recently added CVE-2024-3393 to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability affects Palo Alto Networks' PAN-OS software and involves a malformed DNS…

PravinKarthik December 31, 2024

CVE-2024-3393 DoS Vulnerability in Palo Alto PAN-OS

CVE-2024-3393 is a high-severity Denial of Service (DoS) vulnerability discovered in the DNS Security feature of Palo Alto Networks' PAN-OS software. This vulnerability can be exploited by an unauthenticated attacker,…

PravinKarthik December 28, 2024

Year 2024

Major Security Acquisitions in Year 2024 Top 25 Analysis

In 2024, the cybersecurity industry saw a significant surge in mergers and acquisitions (M&A) activity, driven by the increasing importance of advanced technologies like AI and the growing threat landscape.…

PravinKarthik December 24, 2024

Year 2024

Zeroday Vulnerabilities Prevailed in 2024 Analysis-Part I

What is a Zero-Day Vulnerability? A zero-day vulnerability is a security flaw in software or hardware that is unknown to the vendor or developers. The term "zero-day" signifies that the…

PravinKarthik December 23, 2024