CISA Warns of Actively Exploited Vulnerabilities in Kemp LoadMaster and Palo Alto Networks PAN-OS
Critical flaws in widely-used networking and security products demand immediate attention from administrators.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting popular networking and security products. These vulnerabilities, recently added to CISA’s Known Exploited Vulnerabilities Catalog (KEV), pose a significant risk to both private and government networks.
Kemp LoadMaster OS Command Injection Vulnerability (CVE-2024-1212)
A critical vulnerability in Progress Kemp LoadMaster, a widely used application delivery controller and load balancer, could allow attackers to execute arbitrary commands on vulnerable systems. The flaw, tracked as CVE-2024-1212, stems from improper handling of API requests, potentially allowing attackers to gain complete control of the device.
The flaw is triggered when an attacker sends specially crafted input to the LoadMaster’s “/access” endpoint, bypassing the restrictions that would normally apply to that interface.
Palo Alto Networks PAN-OS Authentication Bypass (CVE-2024-0012) and Privilege Escalation (CVE-2024-9474) Vulnerabilities
Two critical vulnerabilities have been identified in Palo Alto Networks PAN-OS, the software powering their next-generation firewalls. CVE-2024-0012 allows unauthenticated attackers to bypass authentication mechanisms on the management web interface, granting them administrator-level privileges. CVE-2024-9474 enables attackers to further escalate privileges to root level, providing complete control over the firewall.
CVE-2024-0012 specifically affects the PAN-OS management interface: an attacker who can reach it can bypass its authentication controls and gain unauthorized access to administrative functions.
Urgent Action Required
CISA is urging administrators to immediately patch these vulnerabilities to protect their networks from potential attacks.
While there are currently no details on the observed exploitation of these vulnerabilities in real-world attacks, CISA is recommending that Federal Civilian Executive Branch (FCEB) agencies remediate these flaws by December 9, 2024, to secure their networks.
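To make the KEV deadline actionable, an administrator needs to know which of their own assets the catalog entries map to and how many days remain before the due date. The script below is an added example (not from CISA or the vendors): it parses a feed in the shape of CISA's public KEV JSON (the `vulnerabilities` array with `cveID`, `vendorProject`, `product`, `dueDate` fields), matches it against a constructed asset inventory, and sorts the findings by urgency. The three CVE ids, the products and the December 9, 2024 due date come from the advisory above; the `dateAdded` values, the `requiredAction` text and the inventory hostnames are constructed sample data.

```python
"""Triage a CISA KEV feed against a local asset inventory (added example)."""
import json
from dataclasses import dataclass
from datetime import date

# Constructed sample feed in the shape of CISA's public KEV JSON
# (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json).
# CVE ids, products and the 2024-12-09 due date are from the advisory;
# dateAdded and requiredAction are constructed illustrative values.
SAMPLE_KEV_FEED = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "constructed-sample",
    "vulnerabilities": [
        {"cveID": "CVE-2024-1212", "vendorProject": "Progress", "product": "Kemp LoadMaster",
         "vulnerabilityName": "Progress Kemp LoadMaster OS Command Injection Vulnerability",
         "dateAdded": "2024-11-18", "dueDate": "2024-12-09",
         "requiredAction": "Apply mitigations per vendor instructions (constructed text)."},
        {"cveID": "CVE-2024-0012", "vendorProject": "Palo Alto Networks", "product": "PAN-OS",
         "vulnerabilityName": "Palo Alto Networks PAN-OS Management Interface Authentication Bypass",
         "dateAdded": "2024-11-18", "dueDate": "2024-12-09",
         "requiredAction": "Apply mitigations per vendor instructions (constructed text)."},
        {"cveID": "CVE-2024-9474", "vendorProject": "Palo Alto Networks", "product": "PAN-OS",
         "vulnerabilityName": "Palo Alto Networks PAN-OS Management Interface OS Command Injection",
         "dateAdded": "2024-11-18", "dueDate": "2024-12-09",
         "requiredAction": "Apply mitigations per vendor instructions (constructed text)."},
    ],
})

# Constructed asset inventory, as a CMDB export might look. Hostnames are hypothetical.
INVENTORY = [
    {"host": "lb-edge-01", "vendor": "Progress", "product": "Kemp LoadMaster"},
    {"host": "fw-dc-01", "vendor": "Palo Alto Networks", "product": "PAN-OS"},
    {"host": "web-app-07", "vendor": "Example Corp", "product": "Example Web Server"},
]


@dataclass
class Finding:
    host: str
    cve_id: str
    due: date
    days_left: int  # negative means the KEV due date has already passed


def load_kev(feed_text):
    """Parse the KEV feed JSON and return its list of vulnerability entries."""
    return json.loads(feed_text)["vulnerabilities"]


def _key(vendor, product):
    """Case- and whitespace-insensitive vendor/product key for matching."""
    return (vendor.strip().lower(), product.strip().lower())


def triage(entries, inventory, today):
    """Match inventory assets to KEV entries by vendor/product.

    `today` may be a date or an ISO string. Findings are sorted so the
    least time remaining comes first.
    """
    if isinstance(today, str):
        today = date.fromisoformat(today)
    by_product = {}
    for entry in entries:
        by_product.setdefault(_key(entry["vendorProject"], entry["product"]), []).append(entry)
    findings = []
    for asset in inventory:
        for entry in by_product.get(_key(asset["vendor"], asset["product"]), []):
            due = date.fromisoformat(entry["dueDate"])
            findings.append(Finding(asset["host"], entry["cveID"], due, (due - today).days))
    findings.sort(key=lambda f: (f.days_left, f.host, f.cve_id))
    return findings


def overdue(findings):
    """Subset of findings whose remediation due date has passed."""
    return [f for f in findings if f.days_left < 0]


if __name__ == "__main__":
    for f in triage(load_kev(SAMPLE_KEV_FEED), INVENTORY, "2024-11-19"):
        status = "OVERDUE" if f.days_left < 0 else f"{f.days_left} days left"
        print(f"{f.host:12} {f.cve_id:15} due {f.due}  {status}")
```

Point the loader at a downloaded copy of the real feed and replace `INVENTORY` with your own export; matching on vendor and product deliberately over-reports (it does not check affected versions), because the cost of a false positive here is one lookup, while a missed match on an internet-facing load balancer or firewall management interface is the scenario the advisory is warning about.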