Palo Alto Networks PAN-OS Command Injection Vulnerability Allows Rooted Access
CVE-2024-8686

7.2HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 11 September 2024

Summary

A vulnerability in Palo Alto Networks PAN-OS software allows an authenticated administrator to exploit a command injection flaw, bypassing established system restrictions. This can lead to the execution of arbitrary commands with root privileges on the device, potentially compromising the security and integrity of the entire firewall system. Proper configurations and updates are essential for mitigation.

Affected Version(s)

PAN-OS 11.2.2

Cloud NGFW All

PAN-OS 11.2.0 < 11.2.2

References

https://security.paloaltonetworks.com/CVE-2024-8686

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2024
Vulnerability Reserved
Sep 11, 2024

Credit

Louis Lingg