Palo Alto Networks has issued a warning about the active exploitation of the CVE-2024-3393 denial of service (DoS) vulnerability, which attackers are using to compromise firewall defenses by triggering device reboots.
Repeated exploitation of this vulnerability forces the firewall to enter maintenance mode, requiring manual intervention to restore normal functionality.
“A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall,” the advisory states. The flaw enables an unauthenticated attacker to reboot affected devices by sending specifically crafted malicious packets.
This issue impacts devices where the ‘DNS Security’ logging feature is enabled. The affected PAN-OS versions are listed below. According to Palo Alto Networks, customers have already reported outages caused by firewalls blocking malicious DNS packets exploited through this vulnerability. The flaw has been addressed in the following PAN-OS versions: 10.1.14-h8, 10.2.10-h12, 11.1.5, 11.2.3, and later releases. However, no patch will be released for PAN-OS 11.0 due to its end-of-life (EOL) status as of November 17.
Palo Alto Networks has also provided workaro
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: