Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)
1 min read
Summary
On 18 November, Palo Alto Networks’ Unit 42 division issued a warning about two critical vulnerabilities in its PAN-OS software, which is used in its firewall products.
The vulnerability, given the ID CVE-2024-0012, creates an authentication bypass in the management web interface, and allows an unauthenticated attacker to gain privileged access; exploiting this vulnerability could allow an attacker to perform administrative actions and tamper with a device’s configuration.
Unit 42 gave the vulnerability a CVSS criticality score of 10.
The second vulnerability, identified as CVE-2024-9474, is a privilege escalation vulnerability in the same interface, with a CVSS score of 7.5.
Unit 42 said it had seen signs of the first vulnerability being actively exploited, and urged users to protect their management web interfaces—it has published best-practice guidelines for this.
The firm is tracking exploitation attempts under the name Operation Lunar Peek.