PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet
CVE-2024-9468

8.2HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 9 October 2024

Badges

👾 Exploit Exists

What is CVE-2024-9468?

A vulnerability exists in Palo Alto Networks PAN-OS software that allows an unauthenticated attacker to exploit memory corruption through specially crafted packets sent via the data plane. This exploitation can lead to a denial of service condition where PAN-OS may crash. Furthermore, if the attack is carried out repeatedly, the software may enter maintenance mode, disrupting normal operations. It is critical for organizations using PAN-OS to stay informed on mitigation measures and apply necessary updates to safeguard against such attacks.

Affected Version(s)

PAN-OS 11.1.0 < 11.1.3

PAN-OS 11.0.0 < 11.0.4-h5

PAN-OS 10.2.0 < 10.2.4-h24

References

https://security.paloaltonetworks.com/CVE-2024-9468

vendor-advisory

CVSS V4

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Oct 18, 2024
Vulnerability published
Oct 9, 2024

Credit

Jeff Luo of Palo Alto Networks