Blog
Share This Post
[ad_1]
Fixes have been issued by Palo Alto Networks to address five significant Expedition customer migration tool flaws, which could be leveraged to compromise PAN-OS firewall accounts, reports SecurityWeek.
Most serious of the resolved vulnerabilities was the critical OS command injection issue, tracked as CVE-2024-9463, which could be exploited to expose firewalls’ usernames, cleartext passwords, API keys, and configurations, according to Palo Alto Networks, which also noted similar data exposure from the abuse of another critical bug of the same nature, tracked as CVE-2024-9464. Palo Alto Networks also patched a critical SQL injection flaw, tracked as CVE-2024-9465, which could be used to compromise usernames and password hashes within Expedition databases, as well as the high-severity bugs, tracked as CVE-2024-9466 and CVE-2024-9467, which could be utilized to reveal sensitive firewall details and execute malicious JavaScript for phishing intrusions, respectively. Aside from ensuring updates to Expedition iterations 1.2.96 and later, organizations have been recommended to mitigate attack risk by rotating both Expedition and firewall credentials.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
