
Palo Alto Networks fixed a critical bug in the Expedition tool


Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.

Palo Alto Networks released security updates to address five security flaws impacting its products. The most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin account takeover.

Palo Alto Networks Expedition is a tool designed to help users transition to and optimize Palo Alto Networks’ next-generation firewalls. It assists with the migration of configurations from other firewall vendors and legacy Palo Alto Networks devices to newer models. Additionally, Expedition provides automation and best practice adoption to improve security posture and operational efficiency.

“Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition,” reads the advisory. “Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.”

The vulnerability affects Expedition versions before 1.2.92. The researcher Brian Hysell reported the flaw to the security vendor.

The company is not aware of any attacks in the wild or public exploits targeting this issue.

The company recommends restricting network access to Expedition to authorized users, hosts, or networks.

Palo Alto also addressed a File Upload Vulnerability, tracked as CVE-2024-5911 (CVSS score: 7.0), in the Panorama Web Interface of PAN-OS.

“An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama,” reads the advisory. “Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.”

The remaining issues addressed by the security vendor are:

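CVE-2024-5912 (CVSS 6.8), Cortex XDR Agent: Improper File Signature Verification Checks. Updated 2024-07-10, published 2024-07-10.
- Cortex XDR Agent 8.4: affected None; unaffected All
- Cortex XDR Agent 8.3-CE: affected None; unaffected All
- Cortex XDR Agent 8.3: affected None; unaffected All
- Cortex XDR Agent 8.2: affected < 8.2.2; unaffected >= 8.2.2
- Cortex XDR Agent 7.9-CE: affected < 7.9.102-CE; unaffected >= 7.9.102-CE

CVE-2024-5913 (CVSS 5.4), PAN-OS: Improper Input Validation Vulnerability in PAN-OS. Updated 2024-07-10, published 2024-07-10.
- Cloud NGFW: affected None; unaffected All
- PAN-OS 11.2: affected < 11.2.1; unaffected >= 11.2.1
- PAN-OS 11.1: affected < 11.1.4; unaffected >= 11.1.4
- PAN-OS 11.0: affected < 11.0.5; unaffected >= 11.0.5
- PAN-OS 10.2: affected < 10.2.10; unaffected >= 10.2.10
- PAN-OS 10.1: affected < 10.1.14-h2; unaffected >= 10.1.14-h2
- Prisma Access: affected None; unaffected All

CVE-2024-3596 (CVSS 5.3), PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation. Updated 2024-07-10, published 2024-07-10.
- Cloud NGFW: affected None; unaffected All
- PAN-OS 11.2: affected None; unaffected All
- PAN-OS 11.1: affected < 11.1.3; unaffected >= 11.1.3
- PAN-OS 11.0: affected < 11.0.4-h4; unaffected >= 11.0.4-h4
- PAN-OS 10.2: affected < 10.2.10; unaffected >= 10.2.10
- PAN-OS 10.1: affected < 10.1.14; unaffected >= 10.1.14
- PAN-OS 9.1: affected < 9.1.19; unaffected >= 9.1.19
- Prisma Access: affected All; unaffected None (Fix ETA: July 30)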
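To triage a firewall inventory against the PAN-OS rows listed above, the following added example (not code from the advisory or from Palo Alto Networks) compares installed releases with the fixed releases per branch. The hostnames and inventory are constructed, and the code assumes a hotfix release such as 10.1.14-h2 sorts after its base release 10.1.14.

```python
import re

# Fixed releases per PAN-OS branch, copied from the advisory rows above.
# None means the advisory lists no affected release on that branch.
FIXED = {
    "CVE-2024-5913": {"11.2": "11.2.1", "11.1": "11.1.4", "11.0": "11.0.5",
                      "10.2": "10.2.10", "10.1": "10.1.14-h2"},
    "CVE-2024-3596": {"11.2": None, "11.1": "11.1.3", "11.0": "11.0.4-h4",
                      "10.2": "10.2.10", "10.1": "10.1.14", "9.1": "9.1.19"},
}

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse(version):
    """Turn '10.1.14-h2' into (10, 1, 14, 2); no hotfix suffix counts as 0."""
    match = _VERSION.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    return tuple(int(group or 0) for group in match.groups())


def status(cve, version):
    """Return 'affected', 'not affected', or 'not listed' for one release."""
    parsed = parse(version)
    branch = f"{parsed[0]}.{parsed[1]}"
    branches = FIXED[cve]
    if branch not in branches:
        return "not listed"  # branch absent from the advisory: check manually
    fixed = branches[branch]
    # Numeric tuple comparison: 10.2.9 < 10.2.10, unlike a string comparison.
    if fixed is None or parsed >= parse(fixed):
        return "not affected"
    return "affected"


def triage(inventory):
    """Map each host to its per-CVE status."""
    return {host: {cve: status(cve, version) for cve in FIXED}
            for host, version in inventory.items()}


# Constructed sample inventory (hostnames and versions are illustrative).
INVENTORY = {"fw-edge-01": "10.2.9", "fw-dc-02": "10.1.14-h1", "fw-lab-03": "11.2.0"}

if __name__ == "__main__":
    for host, result in triage(INVENTORY).items():
        print(host, result)
```
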

Pierluigi Paganini
