Denial-of-service incidents have been reported by some users of firewalls on PAN-OS.
Palo Alto Networks has issued updates for an actively exploited high-severity denial-of-service vulnerability in its PAN-OS firewall software's DNS security functionality.
Tracked as CVE-2024-3393, denial-of-service incidents have been reported by some users of firewalls on PAN-OS versions 10.X and 11.X, according to Palo Alto Networks. The company also said Prisma Access running PAN-OS versions 10.2.8 and later or prior to 11.2.3, were affected.
Jason Soroko, senior fellow at Sectigo, said the vulnerability operates by manipulating the data plane of the firewall and when exploited, the malicious packets trigger the firewall to enter maintenance mode after repeated attempts, effectively causing prolonged service disruptions.
“Palo Alto Networks discovered this flaw during production use and has reported that some customers are already experiencing DoS incidents as their firewalls block these harmful DNS packets,” Soroko told
SC US.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
