virus logo Intrusion Prevention

Palo.Alto.Networks.Expedition.CVE-2024-9463.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit an Authenticated Command Injection vulnerability in Palo Alto Networks Expedition.
This vulnerability is due to insufficient validation of user-supplied inputs. A remote authenticated attacker can exploit this vulnerability by sending maliciously crafted requests to a vulnerable application. Successful exploitation could result in arbitrary command execution in the security context of the application.

description-logoOutbreak Alert

FortiGuard sensors continue to detect and block attack attempts targeting the Palo Alto Expedition vulnerabilities that could allow attackers to take over administrative accounts, putting configuration secrets, credentials, and other imported data within Expedition at serious risk.

View the full Outbreak Alert Report

affected-products-logoAffected Products

Palo Alto Networks Expedition versions before 1.2.96

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://security.paloaltonetworks.com/PAN-SA-2024-0010

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2026-02-02 35.161
Modified
 Sig Added
2024-12-03 29.914
Modified
 Default_action:pass:drop
2024-11-27 29.911
New
ID 56904
Created Nov 25, 2024
Updated Feb 02, 2026
CVE ID
Tags Palo Alto Expedition Vulnerability
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 94.2%
Default Action drop
Active
Affected OS Linux
Affected App Other
Profile Type OS Command Injection