Slashdot: Palo Alto Firewalls Under Attack As Miscreants Chain Flaws For Root Access

Source URL: https://it.slashdot.org/story/25/02/19/2059256/palo-alto-firewalls-under-attack-as-miscreants-chain-flaws-for-root-access?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Palo Alto Firewalls Under Attack As Miscreants Chain Flaws For Root Access

Summary: The text provides critical information regarding recent vulnerabilities discovered in Palo Alto Networks’ PAN-OS software, highlighting the urgency for users to apply patches to prevent exploitation. These vulnerabilities could lead to root access for attackers, emphasizing the importance of timely updates in network security.

Detailed Description: The discussion revolves around three significant vulnerabilities in Palo Alto Networks’ PAN-OS, which, if unpatched, may allow attackers to gain elevated privileges and control over the firewall systems.

– **Vulnerability Overview**:
  – **CVE-2024-9474**: A privilege escalation flaw rated 6.9 that allowed an OS administrator with access to the management web interface to execute actions on the firewall as root. This vulnerability was patched in November 2024.
  – **CVE-2025-0108**: Newly discovered and rated 8.8, this flaw is characterized as an access control issue that lets unauthenticated attackers bypass authentication on the web management interface, posing severe risks to the integrity and confidentiality of the system. This critical vulnerability was patched recently and marked as highest urgency.
  – **CVE-2025-0111**: Rated 7.1, this flaw permitted authenticated attackers with network access to read files accessible to the “nobody” user. It was also patched in the same week.

– **Exploitation Concerns**:
  – Reports indicate that the three vulnerabilities can be chained together to enhance the attacker’s capabilities, potentially leading to full root access to the firewall.
  – Exploit attempts using these vulnerabilities have been identified against unpatched PAN-OS management interfaces.

– **Immediate Actions Recommended**: Users are strongly advised to upgrade PAN-OS to versions 10.1, 10.2, 11.0, 11.1, and 11.2 to mitigate the risks associated with these vulnerabilities. A general hotfix is projected to be released imminently.

This information underscores the critical nature of timely software updates in infrastructure security to protect against rapidly evolving threat landscapes, which is especially important for security professionals overseeing network management and compliance.