Palo.Alto.Networks.CVE-2024-0012.Authentication.Bypass

Description

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Palo Alto Networks PAN-OS Management Web Interface.
The vulnerability is due to a lack of proper validation of user-supplied data. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation could allow an attacker to log in as an authenticated user.

Outbreak Alert

Palo Alto Networks has recently disclosed two zero-day vulnerabilities, CVE-2024-0012 and CVE-2024-9474, affecting the PAN-OS firewall and other products. Both flaws, which are actively being exploited in the wild, affect the Management Web Interface. Successful exploitations allows attackers to bypass authentication and gain administrator-level access without any user interaction.

View the full Outbreak Alert Report

Affected Products

Palo Alto Networks PAN-OS 11.2 prior to 11.2.4-h1
Palo Alto Networks PAN-OS 11.1 prior to 11.1.5-h1
Palo Alto Networks PAN-OS 11.0 prior to 11.0.6-h1
Palo Alto Networks PAN-OS 10.2 prior to 10.2.12-h2
Palo Alto Networks PAN-OS 11.2 prior to 11.2.4-h4
Palo Alto Networks PAN-OS 11.1.2 prior to 11.1.2-h18
Palo Alto Networks PAN-OS 11.1.6 prior to 11.1.6-h1
Palo Alto Networks PAN-OS 10.2.7 prior to 10.2.7-h24
Palo Alto Networks PAN-OS 10.2.8 prior to 10.2.8-h21
Palo Alto Networks PAN-OS 10.2.9 prior to 10.2.9-h21
Palo Alto Networks PAN-OS 10.2.10 prior to 10.2.10-h14
Palo Alto Networks PAN-OS 10.2.11 prior to 10.2.11-h12
Palo Alto Networks PAN-OS 10.2.12 prior to 10.2.12-h6
Palo Alto Networks PAN-OS 10.2.13 prior to 10.2.13-h3
Palo Alto Networks PAN-OS 10.1 prior to 10.1.14-h9

Impact

Security Bypass: Remote attackers can bypass security features of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://security.paloaltonetworks.com/CVE-2024-0012
https://security.paloaltonetworks.com/CVE-2025-0108