The Pakistan Telecommunication Authority (PTA) has issued an urgent cybersecurity advisory titled “Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack.” The advisory warns of a critical vulnerability, designated as CVE-2024-3400, in Palo Alto Networks’ PAN-OS software, which is widely implemented in Global Protect gateways. This flaw enables unauthenticated attackers to execute arbitrary code with root privileges on affected firewalls, presenting a significant risk to systems utilizing this software.
The advisory specifies that the vulnerability impacts specific versions of PAN-OS, including those below 11.1.2-h3, 11.0.4-h1, and 10.2.9-h1. Palo Alto Networks is expected to release essential patches for these vulnerabilities on April 14, 2024. Organizations using the affected software versions are strongly urged to take immediate action to prevent potential exploitation.
In addition, the PTA advises customers with a Threat Prevention subscription to enable Threat ID 95187 as a protective measure. It also recommends a thorough review of configurations for Global Protect gateways and device telemetry, ensuring that only necessary features are enabled. Continuous monitoring and the deployment of intrusion detection systems are emphasized to detect any suspicious activities indicative of exploitation attempts.
The PTA further advises restricting access to affected firewalls and applying the principle of least privilege to minimize the impact of any potential attacks. Organizations are encouraged to stay informed about security advisories and patches released by Palo Alto Networks to address emerging threats and vulnerabilities.
The PTA requests that any incidents related to this vulnerability be reported via the PTA CERT Portal or through email. This proactive communication is deemed crucial for timely risk mitigation and the protection of Pakistan’s cyber infrastructure.