CVE-2024-3393 is a Palo Alto Networks PAN-OS issue described in the supplied record as a malicious DNS packet vulnerability. CISA lists it in the Known Exploited Vulnerabilities catalog, which means defenders should treat it as an active risk and prioritize mitigation. The supplied corpus does not include affected versions, impact details, or vendor remediation steps, so the safest approach is to use the [truncated]
Known exploitedPalo Alto NetworksCVE published 2024-11-18
CVE-2024-9474 is a Palo Alto Networks PAN-OS management interface OS command injection vulnerability that CISA has placed in the Known Exploited Vulnerabilities catalog. The supplied source metadata marks it as known exploited and notes known ransomware campaign use. Because this affects the management interface, exposure reduction and vendor-directed mitigation should be treated as urgent defensive work, [truncated]
Known exploitedPalo Alto NetworksCVE published 2024-11-18
CVE-2024-0012 is a Palo Alto Networks PAN-OS management interface authentication bypass vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. CISA also marks the vulnerability as having known ransomware campaign use, so organizations should treat exposed or remotely reachable management interfaces as an urgent risk and follow vendor mitigation guidance immediately.
Known exploitedPalo Alto NetworksCVE published 2024-11-14
CVE-2024-9465 is a Palo Alto Networks Expedition SQL injection vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2024-11-14. Because it is listed in KEV, defenders should treat it as an active exposure rather than a theoretical issue. CISA’s required action is to apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
