Palo Alto Networks Expedition OS Command Injection Vulnerability

CVE-2024-9463

7.5HIGH

Key Information

Vendor: Palo Alto Networks
Status: Expedition
Vendor: CVE Published:; 9 October 2024

Badges

📰 News Worthy

Summary

The Palo Alto Networks Expedition tool has multiple critical vulnerabilities (CVE-2024-9463 to CVE-2024-9467) including OS command injection, SQL injection, cleartext storage of sensitive information, and cross-site scripting. These vulnerabilities can result in unauthorized access, credential theft, and administrative takeover. The vulnerabilities affect all versions of Expedition below 1.2.96, and urgent patching is recommended. The potential impact of exploitation includes disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls, with the risk of sensitive data theft. There are no known exploits by ransomware groups at this time, but proactive measures such as upgrading to the latest version of Expedition, limiting network access, rotating credentials, and monitoring access logs are advised to minimize the risk of exploitation.

News Articles

wiz.io

CVE-2024-9463CVE-2024-9464

3 Critical CVEs in Palo Alto Networks Expedition | Wiz Blog

Urgent: Multiple critical vulnerabilities in Palo Alto Expedition require immediate patching. Learn about CVE-2024-9463 to CVE-2024-9467 and mitigation steps.

6 days ago

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

First article discovered by wiz.io
Oct 10, 2024
Vulnerability published.
Oct 9, 2024

Collectors

NVD Database1 News Article(s)