PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet

CVE-2024-9468

Currently unrated 🤨

Key Information

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 9 October 2024

Badges

👾 Exploit Exists

Summary

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.

Affected Version(s)

PAN-OS >= 10.1.0

PAN-OS < 10.2.9-h11

PAN-OS < 11.0.4-h5

Timeline

👾
Exploit exists.
Oct 18, 2024
Initial publication
Oct 9, 2024
Vulnerability published.
Oct 9, 2024

Collectors

NVD DatabaseMitre Database

Credit

Jeff Luo of Palo Alto Networks

.