Cyber Crime
U.S. Agency Flags and Warns of Two Vulnerabilities in Palo Alto Networks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning about two newly exploited vulnerabilities affecting Palo Alto Networks’ Expedition tool.
These flaws have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, mandating that Federal Civilian Executive Branch (FCEB) agencies implement the recommended updates by December 5, 2024.
The security vulnerabilities identified are:
- CVE-2024-9463: A critical OS Command Injection vulnerability in Palo Alto Networks Expedition, with a CVSS score of 9.9.
- CVE-2024-9465: A SQL Injection vulnerability, scoring 9.3 on the CVSS scale.
ALSO READ: Nominations Open for ‘Women in Cyber’ Honors at FutureCrime Summit 2025
If exploited, these vulnerabilities allow attackers to execute arbitrary OS commands as root within the Expedition migration tool or access its database.
This could lead to exposure of sensitive data, including usernames, plaintext passwords, device configurations, and API keys associated with PAN-OS firewalls. Attackers may also be able to create and access arbitrary files on affected systems.
Palo Alto Networks initially addressed these issues in an October 9, 2024, update and later revised its advisory to confirm active exploitation of CVE-2024-9463 and CVE-2024-9465 as reported by CISA.
However, details about the threat actors involved or the scale of the exploitation remain limited.
This announcement follows a previous CISA alert about CVE-2024-5910, another serious vulnerability in Expedition with a CVSS score of 9.3, actively exploited as of last week.
Additionally, Palo Alto Networks reported detecting limited exploitation of an unauthenticated remote command execution vulnerability impacting some firewall management interfaces exposed to the internet.
While the vulnerability has not yet been assigned a CVE identifier, it holds a CVSS score of 9.3. The company is actively investigating and aims to release patches and threat prevention signatures soon.