CISA Warns of Actively Exploited Vulnerabilities in Kemp LoadMaster and Palo Alto Networks PAN-OS

### #Cybersecurity #Vulnerabilities #CISAWarning

Summary: Critical vulnerabilities in widely-used networking and security products have been identified, prompting an urgent warning from CISA. Administrators are urged to take immediate action to patch these flaws to protect their networks.

Threat Actor: Unknown
Victim: Various organizations

Key Points:

  • Three critical vulnerabilities have been added to CISA’s Known Exploited Vulnerabilities Catalog (KEV).
  • CVE-2024-1212 in Progress Kemp LoadMaster allows attackers to execute arbitrary commands.
  • CVE-2024-0012 and CVE-2024-9474 in Palo Alto Networks PAN-OS enable authentication bypass and privilege escalation.
  • CISA recommends that agencies remediate these vulnerabilities by December 9, 2024.

Critical flaws in widely-used networking and security products demand immediate attention from administrators.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting popular networking and security products. These vulnerabilities, recently added to CISA’s Known Exploited Vulnerabilities Catalog (KEV), pose a significant risk to both private and government networks.

Kemp LoadMaster OS Command Injection Vulnerability (CVE-2024-1212)

A critical vulnerability in Progress Kemp LoadMaster, a widely used application delivery controller and load balancer, could allow attackers to execute arbitrary commands on vulnerable systems. The flaw, tracked as CVE-2024-1212, stems from improper handling of API requests, potentially allowing attackers to gain complete control of the device.

The vulnerability in Progress Kemp LoadMaster (CVE-2024-1212) is triggered when an attacker sends specially crafted input to the system’s “/access” endpoint, which bypasses existing restrictions.

Palo Alto Networks PAN-OS Authentication Bypass (CVE-2024-0012) and Privilege Escalation (CVE-2024-9474) Vulnerabilities

Two critical vulnerabilities have been identified in Palo Alto Networks PAN-OS, the software powering the company's next-generation firewalls. CVE-2024-0012 allows unauthenticated attackers to bypass authentication on the management web interface, granting them administrator-level privileges. CVE-2024-9474 enables attackers to further escalate those privileges to root, providing complete control over the firewall.

The vulnerability in PAN-OS software (CVE-2024-0012) affects the management interface, allowing attackers to bypass authentication controls and gain unauthorized access to administrative functions.

Urgent Action Required

CISA is urging administrators to immediately patch these vulnerabilities to protect their networks from potential attacks.

While there are currently no details on the observed exploitation of these vulnerabilities in real-world attacks, CISA is recommending that Federal Civilian Executive Branch (FCEB) agencies remediate these flaws by December 9, 2024, to secure their networks.
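The KEV process described above (a catalog entry per CVE, a vendor/product pair, and a remediation due date) lends itself to automated triage: filter the catalog against an asset inventory and rank the affected hosts by how many days remain before the deadline. The script below is an added example, not code from the article or from CISA. It uses the real field names of CISA's KEV JSON feed (`cveID`, `vendorProject`, `product`, `dateAdded`, `dueDate`), but the feed entries, the inventory and the `dateAdded` values are constructed sample data; only the three CVE ids, the vendor/product names and the December 9, 2024 due date come from the article.

```python
"""Triage CISA KEV catalog entries against a local asset inventory.

Added example, not part of the article or CISA's own tooling. Field names
follow the KEV JSON feed schema; the entries below are constructed samples.
"""
from __future__ import annotations

import json
from datetime import date

# Constructed sample in the shape of CISA's KEV feed. CVE ids, vendors,
# products and the 2024-12-09 due date are from the article; dateAdded is a
# placeholder and the last entry is an unrelated placeholder used to show
# that products outside the inventory are ignored.
KEV_FEED_JSON = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-2024-1212", "vendorProject": "Progress",
         "product": "Kemp LoadMaster",
         "dateAdded": "2024-11-18", "dueDate": "2024-12-09"},
        {"cveID": "CVE-2024-0012", "vendorProject": "Palo Alto Networks",
         "product": "PAN-OS",
         "dateAdded": "2024-11-18", "dueDate": "2024-12-09"},
        {"cveID": "CVE-2024-9474", "vendorProject": "Palo Alto Networks",
         "product": "PAN-OS",
         "dateAdded": "2024-11-18", "dueDate": "2024-12-09"},
        # Placeholder id, not a real CVE: product is not in the inventory.
        {"cveID": "CVE-0000-0000", "vendorProject": "ExampleVendor",
         "product": "ExampleProduct",
         "dateAdded": "2024-01-01", "dueDate": "2024-01-22"},
    ]
})

# Constructed inventory: KEV product string -> hostnames running it.
# Matching is on the catalog's product string, so inventory names must be
# kept aligned with the catalog's spelling.
INVENTORY: dict[str, list[str]] = {
    "Kemp LoadMaster": ["lb-edge-01", "lb-edge-02"],
    "PAN-OS": ["fw-dc-01"],
}


def load_kev(feed_json: str) -> list[dict]:
    """Parse the KEV feed and return its list of vulnerability entries."""
    return json.loads(feed_json)["vulnerabilities"]


def status_for(days_left: int, soon_window: int = 7) -> str:
    """Classify a finding by distance to its remediation due date."""
    if days_left < 0:
        return "OVERDUE"
    if days_left <= soon_window:
        return "DUE_SOON"
    return "OPEN"


def triage(entries: list[dict], inventory: dict[str, list[str]],
           today: date) -> list[dict]:
    """Return one finding per (host, CVE) for inventoried products,
    sorted so the most urgent items come first."""
    findings = []
    for entry in entries:
        hosts = inventory.get(entry["product"])
        if not hosts:
            continue  # catalog entry for a product we do not run
        due = date.fromisoformat(entry["dueDate"])
        days_left = (due - today).days
        for host in hosts:
            findings.append({
                "host": host,
                "cve": entry["cveID"],
                "product": entry["product"],
                "due": entry["dueDate"],
                "days_left": days_left,
                "status": status_for(days_left),
            })
    findings.sort(key=lambda f: (f["days_left"], f["host"], f["cve"]))
    return findings


def summarize(findings: list[dict]) -> dict[str, int]:
    """Count findings per status, e.g. {'DUE_SOON': 4}."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f["status"]] = counts.get(f["status"], 0) + 1
    return counts


if __name__ == "__main__":
    report = triage(load_kev(KEV_FEED_JSON), INVENTORY, date.today())
    for f in report:
        print(f"{f['status']:9} {f['host']:12} {f['cve']:15} due {f['due']} "
              f"({f['days_left']:+d} days)")
    print(summarize(report))
```

In production the feed would be fetched from CISA's published KEV JSON rather than embedded, and the inventory would come from a CMDB; the matching and due-date logic stay the same. Note that KEV due dates are the binding deadline for FCEB agencies only, so other organizations may want a tighter internal window than the catalog's.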

Source: https://securityonline.info/cisa-warns-of-actively-exploited-vulnerabilities-in-kemp-loadmaster-and-palo-alto-networks-pan-os