Palo Alto Networks Fixes Zero-Day Exploited for DoS Attacks on Firewall

Palo Alto Networks has taken swift action to address a zero-day vulnerability that has been exploited to launch denial-of-service (DoS) attacks against its firewalls. The security flaw, known as CVE-2024-3393, affects the DNS Security feature of the PAN-OS software running on Palo Alto Networks firewalls. This vulnerability allows a malicious actor to send a specially crafted packet through the data plane, causing the firewall to reboot and potentially enter maintenance mode.

The company has acknowledged that customers have reported experiencing DoS attacks when their firewalls block malicious DNS packets triggering this issue. Despite the severity of CVE-2024-3393, Palo Alto Networks has categorized the vulnerability as having only a ‘moderate urgency’. The exploitation of this vulnerability is contingent on having DNS Security logging enabled and either a DNS Security License or an Advanced DNS Security License applied. Both conditions must be met for an attacker to exploit the vulnerability.

To address the issue, Palo Alto Networks has released patches for PAN-OS versions 10.1.14-h8, 10.2.10-h12, 11.1.5, and 11.2.3. However, PAN-OS 11.0, which reached end of life on November 17, will not receive a fix. The company has also outlined workarounds and mitigations for affected users. Additionally, Palo Alto Networks has credited Estonia’s CERT-EE for providing forensic and analytics assistance in resolving the vulnerability.
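As an added example (not Palo Alto Networks' tooling and not from the original article), the following triages a firewall inventory against the fixed releases and the two exposure conditions described above. It assumes that any release in a listed train below the fixed version still needs the update, and the hostnames and inventory rows are constructed; the vendor advisory remains authoritative for exact affected ranges.

```python
import re

# Fixed releases named in the article, keyed by release train (major, minor).
FIXED = {(10, 1): "10.1.14-h8", (10, 2): "10.2.10-h12",
         (11, 1): "11.1.5", (11, 2): "11.2.3"}
EOL_NO_FIX = {(11, 0)}  # article: PAN-OS 11.0 is end of life and gets no fix

_VER = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse(version):
    """Turn '10.2.10-h12' into (10, 2, 10, 12); a missing hotfix counts as 0."""
    m = _VER.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    return tuple(int(g or 0) for g in m.groups())

def triage(version, dns_sec_logging, dns_sec_license):
    """Classify one firewall for CVE-2024-3393 using only the article's facts."""
    v = parse(version)
    train = v[:2]
    if train in FIXED and v >= parse(FIXED[train]):
        return "fixed"
    if train not in FIXED and train not in EOL_NO_FIX:
        return "unknown-train"  # the article says nothing about this train
    # Both conditions must hold for exploitation, per the article.
    if not (dns_sec_logging and dns_sec_license):
        return "unfixed-preconditions-absent"
    return "exposed-no-fix" if train in EOL_NO_FIX else "exposed-upgrade"

def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(ver, log, lic) for host, ver, log, lic in inventory}

# Constructed sample inventory: (host, version, logging enabled, license applied)
SAMPLE = [
    ("fw-edge-01", "10.2.10-h11", True, True),
    ("fw-edge-02", "10.2.10-h12", True, True),
    ("fw-dc-01", "11.0.6", True, True),
    ("fw-lab-01", "11.1.4-h7", True, False),
    ("fw-br-01", "11.2.3", True, True),
]

if __name__ == "__main__":
    for host, status in report(SAMPLE).items():
        print(f"{host:12} {status}")
```

Hosts reported as `unfixed-preconditions-absent` still run an unpatched release and become exposed as soon as DNS Security logging and a license are both in place.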

Although details about the discovery of the vulnerability or the specific attacks exploiting it are scarce, Palo Alto Networks has noted the propensity for threat groups to target its firewall vulnerabilities. In a recent campaign dubbed Operation Lunar Peek, malicious actors exploited two PAN-OS zero-days to compromise a significant number of firewalls.

This incident is not the first time Palo Alto Networks has been targeted by threat actors. Previous attacks have leveraged vulnerabilities in Palo Alto Networks’ products, highlighting the importance of timely patching and proactive security measures. As cybersecurity threats continue to evolve, organizations must remain vigilant and ensure that their systems are adequately protected against potential exploits.

In conclusion, Palo Alto Networks’ response to the CVE-2024-3393 vulnerability demonstrates the company’s commitment to addressing security concerns promptly. By releasing patches and providing guidance to customers, Palo Alto Networks aims to mitigate the risk of exploitation and protect users from potential threats. As the cybersecurity landscape evolves, it is essential for organizations to stay informed about vulnerabilities and take proactive steps to secure their systems.
