About Denial of Service – PAN-OS (CVE-2024-3393) vulnerability. PAN-OS is the operating system that runs all Palo Alto Network NGFWs. The vendor’s advisory was released on December 27. Аn unauthenticated attacker can send a malicious packet through the data plane of the firewall, causing it to reboot. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode. For exploitation the logging option of the “DNS Security” feature must be enabled.
👾 Palo Alto has already detected attacks that exploit this vulnerability. There are no public exploits yet.
👀 CyberOK detects more than 500 PAN-OS installations in RuNet, of which 32 are potentially vulnerable. Additionally, 218 hosts are running PAN-OS version 11.0.x, which is no longer supported by the vendor since November 17.
🔧 To fix the vulnerability, you need to update your device or, as a workaround, disable the logging option of the “DNS Security” function.
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.