"Palo Alto Networks Addresses Zero-Day Exploits in Firewalls"
Palo Alto Networks has released hotfixes for a zero-day vulnerability (CVE-2024-3400) actively exploited since March 26th to backdoor PAN-OS firewalls, affecting versions 10.2, 11.0, and 11.1. Threat actors can exploit it remotely to gain root code execution, prompting the company to issue hotfixes and advise disabling device telemetry on vulnerable devices. Security firm Volexity confirmed active exploitation and linked it to state-sponsored threat actors, while CISA has ordered federal agencies to apply threat mitigation or disable telemetry within a week.