Rewterz

SideWinder APT Group aka Rattlesnake – Active IOCs

November 19, 2024
Rewterz

T-Mobile and Other American Telecoms Targeted by Chinese Threat Actors in Espionage Campaign

November 19, 2024

Multiple Palo Alto Networks PAN-OS Zero-Day Vulnerabilities Exploit in the Wild

Severity

High

Analysis Summary

CVE-2024-9474 CVSS:4.9

Palo Alto Networks PAN-OS could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an OS command injection error. An attacker could exploit this vulnerability to perform actions on the firewall with root privileges.

CVE-2024-0012 CVSS:9.8

Palo Alto Networks PAN-OS could allow a remote attacker to bypass security restrictions, caused by an authentication bypass error. An attacker could exploit this vulnerability to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities.

Impact

  • Security Bypass
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2024-9474
  • CVE-2024-0012

Affected Vendors

Palo Alto

Affected Products

  • Palo Alto Networks PAN-OS - 10.1.0
  • Palo Alto Networks PAN-OS - 10.2.0
  • Palo Alto Networks PAN-OS - 11.1.0
  • Palo Alto Networks PAN-OS - 11.2.0

Remediation

Refer to Palo Alto Networks Security Advisories for patch, upgrade or suggested workaround information.

CVE-2024-9474

CVE-2024-0012

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.