CVE-2024-9474

MEDIUM CISA KEV EPSS 99.8%
Published Nov 18, 20241y ago · Modified Jun 17, 20261w ago
6.9 CVSS 4.0
Medium
Find Similar
Published Nov 18, 2024 1y ago
Last Modified Jun 17, 2026 1w ago
KEV Listed Nov 18, 2024 1y ago
KEV Due Dec 9, 2024 567d overdue

Description

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

CVSS Details

Base Score
6.9
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Red
Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction None
Scope X

Threat Intelligence

CISA Known Exploited Overdue 567d
Added
Nov 18, 2024
Due
Dec 9, 2024

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.

EPSS Exploit Probability
99.8% percentile
Exploit & Patch Status
Actively Exploited (KEV)
No Patch Available

Weaknesses 1

CWE-78 OS Command Injection Injection

Affected Products 13

VendorProductVersionRange
paloaltonetworkspan-os*≥10.1.0  –  <10.1.14
paloaltonetworkspan-os*≥10.2.0  –  <10.2.12
paloaltonetworkspan-os*≥11.0.0  –  <11.0.6
paloaltonetworkspan-os*≥11.1.0  –  <11.1.5
paloaltonetworkspan-os*≥11.2.0  –  <11.2.4
paloaltonetworkspan-os10.1.14any
paloaltonetworkspan-os10.1.14any
paloaltonetworkspan-os10.1.14any
paloaltonetworkspan-os10.2.12any
paloaltonetworkspan-os10.2.12any
paloaltonetworkspan-os11.0.6any
paloaltonetworkspan-os11.1.5any
paloaltonetworkspan-os11.2.4any

References 5

  • github.com https://github.com/k4nfr3/CVE-2024-9474
    Exploit
  • labs.watchtowr.com https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/
    ExploitThird Party Advisory
  • security.paloaltonetworks.com https://security.paloaltonetworks.com/CVE-2024-9474
    Vendor Advisory
  • unit42.paloaltonetworks.com https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/
    Press/Media CoverageVendor Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9474
    US Government Resource

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.