{"id":1289,"date":"2024-11-20T08:28:07","date_gmt":"2024-11-20T16:28:07","guid":{"rendered":"https:\/\/www.cycognito.com\/blog\/?p=1289"},"modified":"2024-11-20T08:28:45","modified_gmt":"2024-11-20T16:28:45","slug":"emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474","status":"publish","type":"post","link":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/","title":{"rendered":"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">What are CVE-2024-0012 &amp; CVE-2024-9474?&nbsp;<\/h2>\n\n\n\n<p>On November 18, 2024, Palo Alto Networks (PAN) fully disclosed two serious vulnerabilities in PAN-OS software that had previously been partially disclosed on November 8th.&nbsp;<\/p>\n\n\n\n<p>The first vulnerability, <a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2024-0012\">CVE-2024-0012<\/a>, is a critical severity (9.3) authentication bypass in the PAN-OS management web interface. It allows unauthenticated attackers with network access to gain administrator privileges by bypassing the authentication check entirely, essentially telling the server not to check for authentication at all.&nbsp;<\/p>\n\n\n\n<p>The second vulnerability, <a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2024-9474\">CVE-2024-9474<\/a>, is a medium severity (6.9) authenticated privilege escalation vulnerability that creates additional risks when combined with CVE-2024-0012.&nbsp;<\/p>\n\n\n\n<p>Chained together, these vulnerabilities create the perfect conditions for pre-authenticated Remote Code Execution (RCE), allowing an attacker to appoint themselves a PAN-OS administrator and perform actions on the firewall with root privileges using access to the management web interface.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What assets are affected by these vulnerabilities?&nbsp;<\/h2>\n\n\n\n<p>The following assets are affected by CVE-2024-0012 &amp; CVE-2024-9474:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>PAN-OS 11.2: Versions earlier than 11.2.4-h1.<\/li>\n\n\n\n<li>PAN-OS 11.1: Versions earlier than 11.1.5-h1.<\/li>\n\n\n\n<li>PAN-OS 11.0: Versions earlier than 11.0.6-h1.<\/li>\n\n\n\n<li>PAN-OS 10.2: Versions earlier than 10.2.12-h2.<\/li>\n\n\n\n<li>PAN-OS 10.1: Versions earlier than 10.1.14-h6<\/li>\n<\/ul>\n\n\n\n<p>Cloud NGFW and Prisma Access are not impacted by these vulnerabilities.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Are fixes available?&nbsp;<\/h2>\n\n\n\n<p>Upgrade: Customers are advised to upgrade to the latest <a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2024-0012\">fixed versions<\/a>:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>PAN-OS 11.2.4-h1<\/li>\n\n\n\n<li>PAN-OS 11.1.5-h1<\/li>\n\n\n\n<li>PAN-OS 11.0.6-h1<\/li>\n\n\n\n<li>PAN-OS 10.2.12-h2<\/li>\n\n\n\n<li>PAN-OS 10.1.14-h6<\/li>\n<\/ul>\n\n\n\n<p>All later PAN-OS versions are not impacted by these vulnerabilities.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Are there any other recommended actions to take?&nbsp;<\/h2>\n\n\n\n<p>If it isn\u2019t feasible to patch affected devices, the risk from these vulnerabilities can be mitigated by restricting access to the management interface to only trusted internal IP addresses.&nbsp;<\/p>\n\n\n\n<p>Palo Alto Networks has also released a list of <a href=\"https:\/\/unit42.paloaltonetworks.com\/cve-2024-0012-cve-2024-9474\/#post-137539-_ydqdbjg0dngh\">Indicators of Compromise<\/a> (IOCs).&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Are CVE-2024-0012 &amp; CVE-2024-9474 being actively exploited?&nbsp;<\/h2>\n\n\n\n<p><a href=\"https:\/\/unit42.paloaltonetworks.com\/cve-2024-0012-cve-2024-9474\/#post-137539-_50343o6a6han\">Palo Alto Networks<\/a> has identified actors actively exploiting these vulnerabilities, although this activity has not been linked to any specific groups yet. Once actors have successfully exploited these vulnerabilities, researchers have observed activities like interactive command execution and dropping malware, like webshells, on the firewall.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How are enterprises at risk from CVE-2024-0012 &amp; CVE-2024-9474?<\/h2>\n\n\n\n<p>This isn\u2019t the first PAN-OS vulnerability we\u2019ve covered in 2024 and much of the same dangers we outlined in our response to <a href=\"https:\/\/www.cycognito.com\/blog\/emerging-security-issue-palo-alto-networks-globalprotect-pan-os-software-cve-2024-3400\/\">CVE-2024-3400<\/a> apply to these vulnerabilities as well. Palo Alto Networks products are incredibly common across enterprises globally \u2013 over 50% of CyCognito customers use at least one externally exposed Palo Alto Networks product \u2013 and larger organizations have more vulnerable assets. Fortune 100 enterprises can have PAN-OS management devices on up to 150 different networks, each working with a different brand, subsidiary, or smaller organization within the larger enterprise.&nbsp;<\/p>\n\n\n\n<p>Even if security teams have perfect visibility into their external environments, deploying patches across 150 different networks can be a significant challenge \u2013 but that assumes perfect visibility. It\u2019s far more common for organizations to have undermanaged or unknown assets. Our previous research indicates that organizations are unaware of 10-30% of their subsidiaries before they begin managing their exposed attack surface with CyCognito.&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How is CyCognito helping customers identify assets vulnerable to CVE-2024-0012 &amp; CVE-2024-9474?&nbsp;<\/h2>\n\n\n\n<p>CyCognito discovery and testing engines actively detect vulnerable versions of PAN-OS and CyCognito is currently investigating additional active testing methods for this vulnerability. All customers have access to an in-platform emerging security issue announcement as of November 20th, 2024.&nbsp; &nbsp;&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1280\" height=\"749\" src=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-1280x749.webp\" alt=\"\" class=\"wp-image-1291\" srcset=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-1280x749.webp 1280w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-512x300.webp 512w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-768x449.webp 768w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-1536x899.webp 1536w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1.webp 1928w\" sizes=\"auto, (max-width: 1280px) 100vw, 1280px\" \/><\/figure>\n\n\n\n<p class=\"caption\">Figure 1: The alert sent by CyCognito for CVE-2024-0012 &amp; CVE-2024-9474<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How can CyCognito help your organization?&nbsp;<\/h2>\n\n\n\n<p>CyCognito is an exposure management platform that reduces risk by discovering, testing and prioritizing security issues. The platform scans billions of websites, cloud applications and APIs and uses advanced AI to identify the most critical risks and guide remediation. Emerging companies, government agencies and Fortune 500 organizations rely on CyCognito to secure and protect from growing threats. Want to see how it works? Check out our website and explore our platform with a self-guided, interactive <a href=\"https:\/\/app.getreprise.com\/launch\/V6Waa5X\">dashboard product tour<\/a>. To learn how CyCognito can help you understand your external attack surface and exposed risks, please visit our <a href=\"https:\/\/www.cycognito.com\/contact\/\">Contact Us page<\/a> to schedule a demo.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On November 18, 2024, Palo Alto Networks (PAN) disclosed two serious vulnerabilities in PAN-OS. Chained together, these vulnerabilities create the perfect conditions for pre-authenticated Remote Code Execution (RCE). CyCognito discovery and testing engines actively detect vulnerable assets and all customers have access to an in-platform emerging security issue announcement as of November 20th, 2024.    <\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[58,148,201,57],"class_list":["post-1289","post","type-post","status-publish","format-standard","hentry","category-research","tag-cve","tag-palo-alto-networks","tag-remote-code-execution","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474 | CyCognito Blog<\/title>\n<meta name=\"description\" content=\"Palo Alto Networks (PAN) disclosed two PAN-OS vulnerabilities that can lead to Remote Code Execution (RCE). CyCognito customers have been notified.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474\" \/>\n<meta property=\"og:description\" content=\"Palo Alto Networks (PAN) disclosed two PAN-OS vulnerabilities that can lead to Remote Code Execution (RCE). CyCognito customers have been notified.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/\" \/>\n<meta property=\"og:site_name\" content=\"CyCognito Blog\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-20T16:28:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-20T16:28:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/banner-blog-2024-11-20-2400x1256-email.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"1256\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Emma Zaballos\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Emma Zaballos\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/\"},\"author\":{\"name\":\"Emma Zaballos\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58\"},\"headline\":\"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474\",\"datePublished\":\"2024-11-20T16:28:07+00:00\",\"dateModified\":\"2024-11-20T16:28:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/\"},\"wordCount\":695,\"publisher\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-1280x749.webp\",\"keywords\":[\"CVE\",\"Palo Alto Networks\",\"Remote Code Execution\",\"Vulnerability\"],\"articleSection\":[\"Research\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/\",\"url\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/\",\"name\":\"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474 | CyCognito Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-1280x749.webp\",\"datePublished\":\"2024-11-20T16:28:07+00:00\",\"dateModified\":\"2024-11-20T16:28:45+00:00\",\"description\":\"Palo Alto Networks (PAN) disclosed two PAN-OS vulnerabilities that can lead to Remote Code Execution (RCE). CyCognito customers have been notified.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage\",\"url\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1.webp\",\"contentUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1.webp\",\"width\":1928,\"height\":1128},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.cycognito.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#website\",\"url\":\"https:\/\/www.cycognito.com\/blog\/\",\"name\":\"Cycognito Blog\",\"description\":\"Research, Product News and Latest Updates\",\"publisher\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.cycognito.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\",\"name\":\"Cycognito\",\"url\":\"https:\/\/www.cycognito.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png\",\"contentUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png\",\"width\":1720,\"height\":550,\"caption\":\"Cycognito\"},\"image\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58\",\"name\":\"Emma Zaballos\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g\",\"caption\":\"Emma Zaballos\"},\"description\":\"Product Marketing Manager\",\"url\":\"https:\/\/www.cycognito.com\/blog\/author\/emma-zaballos\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474 | CyCognito Blog","description":"Palo Alto Networks (PAN) disclosed two PAN-OS vulnerabilities that can lead to Remote Code Execution (RCE). CyCognito customers have been notified.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/","og_locale":"en_US","og_type":"article","og_title":"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 & CVE-2024-9474","og_description":"Palo Alto Networks (PAN) disclosed two PAN-OS vulnerabilities that can lead to Remote Code Execution (RCE). CyCognito customers have been notified.","og_url":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/","og_site_name":"CyCognito Blog","article_published_time":"2024-11-20T16:28:07+00:00","article_modified_time":"2024-11-20T16:28:45+00:00","og_image":[{"width":2400,"height":1256,"url":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/banner-blog-2024-11-20-2400x1256-email.png","type":"image\/png"}],"author":"Emma Zaballos","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Emma Zaballos","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#article","isPartOf":{"@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/"},"author":{"name":"Emma Zaballos","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58"},"headline":"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474","datePublished":"2024-11-20T16:28:07+00:00","dateModified":"2024-11-20T16:28:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/"},"wordCount":695,"publisher":{"@id":"https:\/\/www.cycognito.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-1280x749.webp","keywords":["CVE","Palo Alto Networks","Remote Code Execution","Vulnerability"],"articleSection":["Research"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/","url":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/","name":"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474 | CyCognito Blog","isPartOf":{"@id":"https:\/\/www.cycognito.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage"},"image":{"@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1-1280x749.webp","datePublished":"2024-11-20T16:28:07+00:00","dateModified":"2024-11-20T16:28:45+00:00","description":"Palo Alto Networks (PAN) disclosed two PAN-OS vulnerabilities that can lead to Remote Code Execution (RCE). CyCognito customers have been notified.","breadcrumb":{"@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#primaryimage","url":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1.webp","contentUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/20241120-CVE-2024-0012-CVE-2024-9474-Fig1.webp","width":1928,"height":1128},{"@type":"BreadcrumbList","@id":"https:\/\/www.cycognito.com\/blog\/emerging-threat-palo-alto-pan-os-cve-2024-0012-cve-2024-9474\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cycognito.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 &amp; CVE-2024-9474"}]},{"@type":"WebSite","@id":"https:\/\/www.cycognito.com\/blog\/#website","url":"https:\/\/www.cycognito.com\/blog\/","name":"Cycognito Blog","description":"Research, Product News and Latest Updates","publisher":{"@id":"https:\/\/www.cycognito.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cycognito.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.cycognito.com\/blog\/#organization","name":"Cycognito","url":"https:\/\/www.cycognito.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png","contentUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png","width":1720,"height":550,"caption":"Cycognito"},"image":{"@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58","name":"Emma Zaballos","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g","caption":"Emma Zaballos"},"description":"Product Marketing Manager","url":"https:\/\/www.cycognito.com\/blog\/author\/emma-zaballos\/"}]}},"_links":{"self":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/1289","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/comments?post=1289"}],"version-history":[{"count":3,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/1289\/revisions"}],"predecessor-version":[{"id":1294,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/1289\/revisions\/1294"}],"wp:attachment":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/media?parent=1289"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/categories?post=1289"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/tags?post=1289"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}