Remote Attackers Can Reboot Palo Alto Networks Firewalls, Requiring Manual Intervention
CVE-2024-3385

7.5HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 10 April 2024

Summary

A vulnerability exists within the packet processing mechanisms of Palo Alto Networks PAN-OS software that can be exploited by remote attackers. This flaw provides the ability to initiate a reboot of hardware-based firewalls, particularly affecting the PA-5400 and PA-7000 Series models. Repeated attacks can lead to the device entering maintenance mode, necessitating manual intervention to restore normal operations. This represents a significant security concern for organizations relying on these firewall models to protect their networks.

Affected Version(s)

PAN-OS 9.0.0 < 9.0.17-h4

PAN-OS 9.1.0 < 9.1.17

PAN-OS 10.1.0 < 10.1.12

References

https://security.paloaltonetworks.com/CVE-2024-3385

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 10, 2024
Vulnerability Reserved
Apr 5, 2024

Collectors

NVD DatabaseMitre Database

Credit

Palo Alto Networks thanks an external reporter for discovering and reporting this issue.