Palo Alto Networks Provides Remediation Steps for Exploited Critical Vulnerability in PAN-OS On April 26, 2024, Palo Alto Networks released guidance to address a severe security vulnerability in PAN-OS that is currently being actively exploited. Identified as CVE-2024-3400, this flaw has a CVSS score of 10.0 and could allow attackers to execute unauthenticated remote shell commands on affected devices. The issue has been patched in various versions of PAN-OS 10.2.x, 11.0.x, and 11.1.x. Evidence indicates that the vulnerability has been leveraged as a zero-day exploit since at least March 26, 2024, by a threat group known as UTA0218. This operation, dubbed Operation MidnightEclipse, involves deploying a Python-based backdoor named UPSTYLE, which can execute commands through specially designed requests. Although these intrusions have not been definitively linked to any known threat actor or organization, observers suspect they may be the work of a state-sponsored hacking group, given the sophistication of the tactics used and the nature of the targets involved. Updated remediation advice has been provided by Palo Alto Networks.
Palo Alto Networks has released essential remediation guidance in response to a critical security vulnerability affecting its PAN-OS software, which is currently under active exploitation. This vulnerability, identified as CVE-2024-3400 and rated with a maximum CVSS score of 10.0, poses a significant risk by allowing unauthenticated remote command execution on…
