CVE-2024-9474: PAN-OS Management Interface Privilege Escalation

Score: 7.2
HIGH
Published: 2024-11-18Affected: PAN-OS 10.1, 10.2, 11.0, 11.1, 11.2CWE-78 β†—

Can PAN-OS firewalls be rooted through the management interface?

A command injection in PAN-OS management web interface enabling authenticated administrators to escalate privileges to root on the firewall. Chained with authentication bypass (CVE-2024-0012) for unauthenticated root access.

Impact & Exploitation

Part of a chain with CVE-2024-0012 for unauthenticated root on PAN-OS. Enables deployment of web shells, crypto miners, and backdoors on enterprise firewalls.

Related Resources

πŸ” Related CWE Entries

πŸ“‹ OWASP Top 10

πŸ“– Security Guides

πŸ›‘οΈ Notable Vulnerabilities

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS7.2
SeverityHIGH
CWECWE-78
Published2024-11-18

Tags

paloaltofirewallprivilege-escalationfirmware

Quick Links

Is your system affected?

Precogs AI detects PAN-OS Management Interface Privilege Escalation in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2024-9474 PAN-OS Management Interface Privilege Escalation don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo