cbcvebase.
CVE-2024-5913
published 2024-07-10

CVE-2024-5913: An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system…

PriorityP427medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
EPSS
0.23%
13.8th percentile
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.

Affected

16 ranges
VendorProductVersion rangeFixed in
palo_alto_networkscloud_ngfw
palo_alto_networkspan-os>= 10.1.0 < 10.1.14-h210.1.14-h2
palo_alto_networkspan-os>= 10.2.0 < 10.2.1010.2.10
palo_alto_networkspan-os>= 11.0.0 < 11.0.511.0.5
palo_alto_networkspan-os>= 11.1.0 < 11.1.411.1.4
palo_alto_networkspan-os>= 11.2.0 < 11.2.111.2.1
palo_alto_networksprisma_access
paloaltocloud_ngfw
paloaltopan-os
paloaltoprisma_access
paloaltonetworkspan-os
paloaltonetworkspan-os>= 10.1.0 < 10.1.1410.1.14
paloaltonetworkspan-os>= 10.2.0 < 10.2.1010.2.10
paloaltonetworkspan-os>= 11.0.0 < 11.0.511.0.5
paloaltonetworkspan-os>= 11.1.0 < 11.1.411.1.4
paloaltonetworkspan-os>= 11.2.0 < 11.2.111.2.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.