🚨 If you use Palo-Alto GlobalProtect VPN, there’s an in the wild zero day being used to gain access to organisations.
CVE-2024-3400, patch out now https://security.paloaltonetworks.com/CVE-2024-3400
Thread throughout the day as more info drops.
Conversation
Notices
-
Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 12-Apr-2024 18:07:55 JST 
Kevin Beaumont
-
Embed this notice
MemoryLeech (cyberleech@cyberplace.social)'s status on Saturday, 13-Apr-2024 06:58:44 JST 
MemoryLeech
Appreciate the rollup and awareness, have been lost in the sauce all day dealing with it, but it's nice to know you're keeping the world in-tune.
Agreed on response, while we'd all love more details; I'm glad we could report up and action first, then get to looking backwards.
-
Embed this notice
System Adminihater (systemadminihater@cyberplace.social)'s status on Saturday, 13-Apr-2024 07:40:31 JST 
System Adminihater
@GossiTheDog Did they open patching publically like WatchGuard did or do you need an active contract?
That "active contract" thing makes everything so much less safe.
-
Embed this notice
System Adminihater (systemadminihater@cyberplace.social)'s status on Saturday, 13-Apr-2024 08:09:02 JST
System Adminihater
@GossiTheDog Ohhhhhhhhhhhhhhh
-
Embed this notice
Filippo Valsorda :go: (filippo@abyssdomain.expert)'s status on Thursday, 18-Apr-2024 00:57:24 JST 
Filippo Valsorda :go:
@GossiTheDog No reason to make it personal. We’ve all introduced bugs, especially over a long open source career. Please don’t.
-
Embed this notice
MemoryLeech (cyberleech@cyberplace.social)'s status on Thursday, 18-Apr-2024 22:59:10 JST
MemoryLeech
Fun times ahead:
"This pull request is an exploit module for https://security.paloaltonetworks.com/CVE-2024-3400, affecting PAN-OS GlobalProtect Gateway and GlobalProtect Portal deployments with the default telemetry service enabled."
-
Embed this notice
All GNU social JP content and data are available under the