Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Details
CISA date
2024-11-18
Affected versions
PAN-OS
Summary
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.
Remediation
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.
Exploit info
No exploit-tagged NVD references in our cache; see the CISA KEV link below.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.