Palo Alto Networks reports actively exploited DoS flaw in PAN-OS
Take action: If you are running PAN-OS systems - especially if they are exposed to the internet, plan a quick patch. Hackers will try to execute DDoS on your systems, and will probably extort you to stop.
Learn More
Palo Alto Networks is reporting an actively exploited vulnerability in its PAN-OS operating system used to conduct denial-of-service (DoS) attacks against organizations using Palo Alto firewall appliances.
The flaw is tracked as CVE-2024-3393 (CVSS score 8.7) and affects the DNS Security feature of PAN-OS, aIllowing an unauthenticated attacker to trigger a firewall reboot by sending specially crafted malicious packets through the data plane. If exploited repeatedly, the attack can force devices into maintenance mode, requiring manual intervention to restore normal operations.
The vulnerability only affects devices with 'DNS Security' logging enabled. Some customers have already experienced outages due to active exploitation.
Affected Systems include nterprise firewalls used for perimeter defense, cloud-based architectures using PAN-OS for virtualized security and data centers requiring high firewall availability
Users are advised to immediately apply available patches for supported PAN-OS versions. PAN-OS 11.0 will not receive a patch as it reached end-of-life on November 17.
