CVE-2024-3400: Palo Alto PAN-OS Command Injection

Score: 10
CRITICAL
Published: 2024-04-12Affected: PAN-OS 10.2, 11.0, 11.1 GlobalProtectCWE-78 β†—

Was PAN-OS exploited as a zero-day?

A critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProtect feature. Unauthenticated attackers can execute arbitrary OS commands with root privileges on the firewall through specially crafted requests.

Impact & Exploitation

CVSS 10.0. Exploited as a zero-day by nation-state actors (UTA0218). Enables complete firewall compromise, network traffic interception, and lateral movement into protected networks.

Related Resources

πŸ” Related CWE Entries

πŸ“‹ OWASP Top 10

πŸ“– Security Guides

πŸ›‘οΈ Notable Vulnerabilities

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS10
SeverityCRITICAL
CWECWE-78
Published2024-04-12

Tags

paloaltofirewallzero-dayfirmware

Quick Links

Is your system affected?

Precogs AI detects Palo Alto PAN-OS Command Injection in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2024-3400 Palo Alto PAN-OS Command Injection don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo