Palo Alto Networks confirmed that exploitation of an unauthenticated remote command execution vulnerability has been observed, particularly targeting firewall management interfaces exposed to the internet.
With a high CVSSv4.0 rating of 9.3, this vulnerability allows attackers to execute code remotely without user interaction, emphasizing the urgency of securing access to the management interface.
Palo Alto Networks urges immediate action to restrict access to the management interface only to trusted internal IPs, as no patch is currently available for the vulnerability.
Collection
[
|
...
]