MPGSOC Team Lead/Project Manager at MindPoint Group | Certified Scrum Master, PMP | Threat Intelligence Enthusiast
Palo Alto Networks has released remediation guidance for a critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. The flaw has been addressed in multiple versions of PAN-OS 10.2.x, 11.0.x, and 11.1.x.

According to reports, the issue has been exploited as a zero-day since at least March 26, 2024, by a threat cluster tracked as UTA0218. The activity, codenamed Operation MidnightEclipse, entails the use of the flaw to drop a Python-based backdoor called UPSTYLE that's capable of executing commands transmitted via specially crafted requests.

For more information, check out Palo Alto Networks' remediation guidance.

#PaloAltoNetworks #cybersecurity #remediation #networksecurity

https://lnkd.in/eDgm5w2T