Multiple Critical Vulnerabilities in Expedition Lead to Exposure of Firewall Credentials (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465)

Published On: Oct 12, 2024 08:51

Advisory No: TZCERT-SA-24-0031

Source: Palo Alto Networks

Software Affected: Palo Alto Networks Expedition

Overview

Palo Alto Networks Expedition is affected by multiple critical vulnerabilities. A remote attacker can exploit them to access sensitive information.

Description

Palo Alto Networks Expedition is affected by critical vulnerabilities tracked as CVE-2024-9463, CVE-2024-9464, and CVE-2024-9465, with CVSS base scores of 9.9, 9.3, and 9.2, respectively. Successful exploitation of these OS command injection vulnerabilities may give attackers access to sensitive data, such as user credentials, which can help them take over firewall admin accounts.

Impact

Successful exploitation of these vulnerabilities may allow the attacker to gain access to sensitive information.

Solution

Palo Alto Networks has released a security patch for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.
