Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root on vulnerable Expedition instances, leading to disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. CVE-2024-9465 – an SQL injection vulnerability – allows unauthenticated attackers to grab data from Expedition’s … More
The post Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) appeared first on Help Net Security.
