PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400)


What is the vulnerability/attack? A critical unauthenticated remote code injection vulnerability in the PAN-OS GlobalProtect Gateway was discovered. This vulnerability tracked under CVE-2024-3400 has a CVSS rating of 10.0. The GlobalProtect Gateway provides security solution for roaming users by extending the same next-generation firewall-based policies. According to the vendor advisory, active exploitation is on-going.
What is the recommended Mitigation?
The vendor has released a threat prevention signature on April 12th. And, they recently released firmware support withhotfix releases of PAN-OS.
What FortiGuard Coverage is available? The FortiGuard has released an IPS and AV signatures to block exploitation attempts and malware delivery, respectively. It is still recommended to apply firmware patches released by the vendor to mitigate any risks.