Critical PAN-OS Vulnerability Under Active Attack — Palo Alto Urges Immediate Action

Palo Alto Networks has disclosed a critical security vulnerability (CVE-2024-3393) affecting their PAN-OS software that allows attackers to trigger denial-of-service conditions through DNS Security features. The actively exploited flaw carries a CVSS score of 8.7 and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog.

Impact and Scope:

  • Affects PAN-OS versions 10.X and 11.X
  • Impacts Prisma Access running specific PAN-OS versions
  • Only affects firewalls with DNS Security logging enabled
  • Can cause firewall reboots and trigger maintenance mode
  • Severity reduces to 7.1 for authenticated Prisma Access users

Mitigation Options:

  1. Update to patched versions:
    • PAN-OS 10.1.14-h8
    • PAN-OS 10.2.10-h12
    • PAN-OS 11.1.5
    • PAN-OS 11.2.3 or later
  2. Temporary workarounds:
    • Disable DNS Security logging
    • Set Log Severity to “none” for DNS Security categories
    • Contact support for SCM-managed systems

Federal agencies must apply patches by January 20, 2025. Palo Alto Networks discovered the vulnerability through production use and has confirmed active exploitation in the wild.

Read the full security advisory from Palo Alto:
https://security.paloaltonetworks.com/CVE-2024-3393

Share this article on social media:

Subscribe to Our Newsletter!

Stay on top of cybersecurity risks, evolving threats and industry news.

This field is for validation purposes and should be left unchanged.

Recent News

Featured Services

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

BOOK A MEETING

Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.