Exploitable! CVE-2024-0012 Authentication Bypass for PAN-OS
IONIX Tracks CVE-2024-0012 Authentication Bypass for PAN-OS: This post is based on ongoing security research – and will continue to be updated as we get additional information…
What is CVE-2024-0012 PAN-OS?
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges and perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474.
The CVE has a severity score of 9.3 and should be addressed as a critical issue.
The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to the Palo Alto Networks recommended best practice deployment guidelines.
This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software on PA-Series, VM-Series, and CN-Series firewalls and on Panorama (virtual and M-Series) and WildFire appliances.
Am I impacted by CVE-2024-0012?
IONIX tracked the issue since it was published and on Nov 19 added a full exploit simulation model based on exploits that are used in the wild. In this way, we can see which customers have impacted assets.
IONIX customers will see updated information in the threat center of the IONIX portal.
References
Related CWE article
