CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

Yas NEGYas NEG
2 min read

Description

A vulnerability in the GlobalProtect feature of specific versions of Palo Alto Networks PAN-OS software, due to arbitrary file creation, could allow an unauthenticated attacker to execute arbitrary code with root privileges on the affected firewall. This issue only affects certain configurations and versions of PAN-OS.

Cloud NGFW, Panorama appliances, and Prisma Access remain unaffected by this vulnerability.

Source: https://security.paloaltonetworks.com/CVE-2024-3400

Configuration Requirements for Vulnerability Exposure

This vulnerability affects only PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls that have either the GlobalProtect gateway or GlobalProtect portal configured, or both. It is important to note that device telemetry activation is not required for these PAN-OS firewalls to be vulnerable to this issue.

To determine if your firewall is configured with a GlobalProtect gateway or portal, check for relevant entries in the firewall's web interface under Network > GlobalProtect > Gateways or Network > GlobalProtect > Portals.

Severity: CRITICAL

CVSSv4.0 Base Score: 10 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:C/RE:M/U:Red)

Common Weakness Enumeration

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-20: Improper Input Validation

Recommended Solution

The vulnerability has been resolved in the following versions of PAN-OS: 10.2.9-h1, 11.0.4-h1, and 11.1.2-h3, as well as all subsequent versions. Customers updating to these versions will receive complete protection.

PAN-OS 10.2 Hotfix Releases:

  • 10.2.9-h1 (April 14, 2024)

  • 10.2.8-h3 (April 15, 2024)

  • 10.2.7-h8 (April 15, 2024)

  • 10.2.6-h3 (April 16, 2024)

  • 10.2.5-h6 (April 16, 2024)

  • 10.2.4-h16 (April 18, 2024)

  • 10.2.3-h13 (April 18, 2024)

  • 10.2.2-h5 (April 18, 2024)

  • 10.2.1-h2 (April 18, 2024)

  • 10.2.0-h3 (April 18, 2024)

PAN-OS 11.0 Hotfix Releases:

  • 11.0.4-h1 (April 14, 2024)

  • 11.0.4-h2 (April 17, 2024)

  • 11.0.3-h10 (April 16, 2024)

  • 11.0.2-h4 (April 16, 2024)

  • 11.0.1-h4 (April 18, 2024)

  • 11.0.0-h3 (April 18, 2024)

PAN-OS 11.1 Hotfix Releases:

  • 11.1.2-h3 (April 14, 2024)

  • 11.1.1-h1 (April 16, 2024)

1
Subscribe to my newsletter

Read articles from Yas NEG directly inside your inbox. Subscribe to the newsletter, and don't miss out.

vulnerabilityPalo Alto NetworkshackingpentestingSecurity

Written by

Yas NEG
Yas NEG