cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

ACSC circulates critical alert over Palo Alto PAN-OS firewall bug

Hackers are already taking advantage of the ability to execute code on compromised firewalls.

user icon David Hollingworth
Mon, 15 Apr 2024
ACSC circulates critical alert over Palo Alto PAN-OS firewall bug
expand image

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has released an “act now” critical alert regarding a vulnerability affecting several Palo Alto PAN-OS products.

The vulnerability is being tracked as CVE-2024-3400 and affects PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls, though only those with device telemetry and GlobalProtect gateways enabled.

The bug – which the ACSC has said is being exploited in the wild – can allow a malicious actor to execute arbitrary code using root privileges.


According to the ACSC, “Australian organisations [that] have a Palo Alto Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 95187 (introduced in Applications and Threats content version 8833-8682)”.

“Additionally, customers must ensure vulnerability protection has been applied to their GlobalProtect interface to prevent exploitation of this issue on their device,” the ACSC said in its alert notice.

In its own alert notice, Palo Alto said hotfixes would be released over the weekend and offered some additional advice.

“If you are unable to apply the Threat Prevention-based mitigation at this time, you can still mitigate the impact of this vulnerability by temporarily disabling device telemetry until the device is upgraded to a fixed PAN-OS version,” Palo Alto said.

“Once upgraded, device telemetry should be re-enabled on the device.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.