Denial-of-service incidents have been reported by some users of firewalls on PAN-OS.
Palo Alto Networks has issued updates for an actively exploited high-severity denial-of-service vulnerability in its PAN-OS firewall software's DNS security functionality.
Tracked as CVE-2024-3393, denial-of-service incidents have been reported by some users of firewalls on PAN-OS versions 10.X and 11.X, according to Palo Alto Networks. The company also said Prisma Access running PAN-OS versions 10.2.8 and later or prior to 11.2.3, were affected.
Jason Soroko, senior fellow at Sectigo, said the vulnerability operates by manipulating the data plane of the firewall and when exploited, the malicious packets trigger the firewall to enter maintenance mode after repeated attempts, effectively causing prolonged service disruptions.
“Palo Alto Networks discovered this flaw during production use and has reported that some customers are already experiencing DoS incidents as their firewalls block these harmful DNS packets,” Soroko told
SC US.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
