On February 12, 2025, Palo Alto Networks announced CVE-2025-0108, a high severity (8.8) authentication bypass vulnerability affecting Palo Alto Networks PAN-OS management web interface. This issue has a public PoC and is being actively exploited. CyCognito published an emerging threat advisory on this vulnerability within the CyCognito platform.
Read more about Emerging Threat: PAN-OS CVE-2025-0108CVE-2024-3393 is a high severity Denial of Service (DoS) vulnerability affecting specific versions of Palo Alto Networks PAN-OS DNS Security feature. CyCognito has shared lists of potentially affected assets running PAN-OS with affected customers alongside a notification in-platform.
Read more about Emerging Threat: Palo Alto PAN-OS CVE-2024-3393On November 18, 2024, Palo Alto Networks (PAN) disclosed two serious vulnerabilities in PAN-OS. Chained together, these vulnerabilities create the perfect conditions for pre-authenticated Remote Code Execution (RCE). CyCognito discovery and testing engines actively detect vulnerable assets and all customers have access to an in-platform emerging security issue announcement as of November 20th, 2024.
Read more about Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 & CVE-2024-9474On October 9th, 2024, five vulnerabilities affecting Palo Alto Networks Expedition before version 1.2.96 were disclosed by Palo Alto Networks. These issues include OS command injection, SQL injection, cleartext storage of sensitive data, and reflected XSS vulnerabilities. Though active exploitation has not been reported, CyCognito has released an active test and in-app notification covering these issues due to risks posed by their severity and ease of exploitation.
Read more about Emerging Security Issue: Multiple Palo Alto Networks Expedition PAN-OS Firewalls VulnerabilitiesPalo Alto Networks announced the discovery of CVE-2024-3400. CyCognito has informed affected customers of potentially affected assets.
Read more about Emerging Security Issue: Palo Alto Networks GlobalProtect PAN-OS Software CVE-2024-3400