The vulnerabilities were discovered by Zach Hanley, a researcher at Horizon3.ai, who reported them to Palo Alto Networks. The Expedition tool, a community-supported solution, assists users in migrating configurations from other vendors to the Palo Alto environment, helping to enforce security policies based on user and application IDs. A successful exploit could allow attackers to take control of firewall administration accounts or abuse access to PAN-OS devices. The flaws have CVSS scores of 9.9 (CVE-2024-9463) and 9.2 (CVE-2024-9465), underscoring the high risk they pose. Although there are currently no reports of active exploitation, the severity of the vulnerabilities requires immediate attention.
| Product | Expedition Project |
| Date | 2024-10-14 10:03:02 |
| Information |
|
Technical Summary
The vulnerabilities were discovered by Zach Hanley, a researcher at Horizon3.ai, who reported them to Palo Alto Networks. The Expedition tool, a community-supported solution, assists users in migrating configurations from other vendors to the Palo Alto environment, helping to enforce security policies based on user and application IDs. A successful exploit could allow attackers to take control of firewall administration accounts or abuse access to PAN-OS devices. The flaws have CVSS scores of 9.9 (CVE-2024-9463) and 9.2 (CVE-2024-9465), underscoring the high risk they pose. Although there are currently no reports of active exploitation, the severity of the vulnerabilities requires immediate attention.
Recommendations
- Immediately update Palo Alto Networks Expedition to the latest patched version.
- Rotate all exposed API keys for PAN-OS firewalls.
- Reset and secure all passwords and API keys associated with PAN-OS devices.
- Review and restrict network access to the Expedition tool, allowing it only from trusted IP addresses.
[Callforaction-THREAT-Footer]
