16 April 2024 [NO.TCSA : 20240416-1-1-P]
A critical vulnerability has been identified in Palo Alto Networks PAN-OS, specifically affecting the GlobalProtect gateways and portals. Designated as CVE-2024-3400, this command injection flaw enables unauthenticated attackers to execute arbitrary code with root privileges. The vulnerability, holding a CVSS severity score of 10.0, is actively being exploited, as confirmed by Palo Alto Networks.
The vulnerability impacts the following versions of PAN-OS, configured with either GlobalProtect gateway or portal (or both), and device telemetry enabled:
TechCERT strongly encourages the application of these updates immediately.