Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.
This vulnerability allows an authenticated administrator to execute arbitrary commands with root privileges on the affected firewall. This could lead to complete system compromise, including:
1. Unauthorized access to sensitive data
2. Modification of firewall configurations
3. Disruption of network services
4. Potential use of the compromised firewall as a pivot point for further network attacks
The vulnerability has a high impact on confidentiality, integrity, and availability of the system.
There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.
A patch is available. Palo Alto Networks has released security updates to address this vulnerability. The patch information can be found at https://security.paloaltonetworks.com/CVE-2024-8686
1. Update PAN-OS to a version newer than 11.2.2 as soon as possible.
2. Limit administrative access to the firewall to only trusted and necessary personnel.
3. Implement network segmentation to isolate firewall management interfaces.
4. Monitor firewall logs for any suspicious activities or unauthorized command executions.
5. Apply the principle of least privilege for administrator accounts.
6. Regularly audit administrator actions and access logs.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
NVD published the first details for CVE-2024-8686
Feedly found the first article mentioning CVE-2024-8686.
Feedly estimated the CVSS score as HIGH
Detection for the vulnerability has been added to Qualys (731764)
EPSS Score was set to: 0.04% (Percentile: 10.2%)
A CVSS base score of 7.2 has been assigned.