cbcvebase.
CVE-2024-3385
published 2024-04-10

CVE-2024-3385: A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually…

PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.90%
55.2th percentile
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the following hardware firewall models: - PA-5400 Series firewalls - PA-7000 Series firewalls

Affected

14 ranges
VendorProductVersion rangeFixed in
palo_alto_networkspan-os>= 10.1.0 < 10.1.1210.1.12
palo_alto_networkspan-os>= 10.2.0 < 10.2.810.2.8
palo_alto_networkspan-os>= 11.0.0 < 11.0.311.0.3
palo_alto_networkspan-os>= 9.0.0 < 9.0.17-h49.0.17-h4
palo_alto_networkspan-os>= 9.1.0 < 9.1.179.1.17
paloaltocloud_ngfw
paloaltopan-os
paloaltoprisma_access
paloaltonetworkspan-os
paloaltonetworkspan-os>= 10.1.0 < 10.1.1210.1.12
paloaltonetworkspan-os>= 10.2.0 < 10.2.810.2.8
paloaltonetworkspan-os>= 11.0.0 < 11.0.311.0.3
paloaltonetworkspan-os9.0.0 – 9.0.16
paloaltonetworkspan-os>= 9.1.0 < 9.1.179.1.17
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.