Palo Alto Networks Expedition OS Command Injection Vulnerability
Key Information
- Vendor: Palo Alto Networks
- Status
- Expedition
- Vendor
- CVE Published: 9 October 2024
Summary
The Palo Alto Networks Expedition tool has multiple critical vulnerabilities (CVE-2024-9463 to CVE-2024-9467), including OS command injection, SQL injection, cleartext storage of sensitive information, and cross-site scripting. Exploitation can result in unauthorized access, credential theft, and administrative takeover. All versions of Expedition below 1.2.96 are affected, and urgent patching is recommended. The potential impact includes disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls, with the risk of sensitive data theft. There are no known exploits by ransomware groups at this time. To minimize the risk of exploitation, proactive measures are advised: upgrade to the latest version of Expedition, limit network access, rotate credentials, and monitor access logs.
Timeline
First article discovered by wiz.io
Vulnerability published.