Palo Alto Networks Emphasizes Hardening Guidance
Updated November 15, 2024
Palo Alto Networks (PAN) has updated their informational bulletin, noting they "observed threat activity exploiting an unauthenticated remote command execution vulnerability against a limited number of firewall management interfaces which are exposed to the Internet."
CISA continues to urge users and administrators to review the following for more information, follow PAN’s guidance for hardening network devices, review PAN’s instruction for accessing organization’s scan results for internet-facing management interfaces, and take immediate action if required:
- PAN-SA-2024-0015 Important Informational Bulletin: Ensure Access to Management Interface is Secured
- Tips & Tricks: How to Secure the Management Access of Your Palo Alto Networks Device
End of Update
Palo Alto Networks (PAN) has released an important informational bulletin on securing management interfaces after becoming aware of claims of an unverified remote code execution vulnerability via the PAN-OS management interface.
CISA urges users and administrators to review the following for more information, follow PAN’s guidance for hardening network devices, review PAN’s instruction for accessing organization’s scan results for internet-facing management interfaces, and take immediate action if required:
This product is provided subject to this Notification and this Privacy & Use policy.