Note: This Emerging Threat is also published in the new Fortra Security & Trust Center - the new location for all Emerging Threats beginning in January 2025. Refer to Emerging Threats Moving to Fortra.com for more information on following Emerging Threats in their new location.
Fortra is actively researching a vulnerability in Palo Alto Networks Expedition – CVE-2024-5910. Palo Alto Networks Expedition is a tool designed to assist with migrating other vendor configurations to Palo Alto devices. CVE-2024-5910 allows attackers to remotely reset administrator credentials, gaining complete access to Expedition and all of the data stored within. Customers are recommended to upgrade to a fixed version of Expedition.
Who is affected?
Customers using Palo Alto Expedition version 1.2 before 1.2.92 are vulnerable to CVE-2024-5910.
What can I do?
Palo Alto has released a fix in versions 1.2.92 and later. Customers are recommended to upgrade to a fix version as soon as possible.
For more information about this vulnerability and fix, refer to Palo Alto’s advisory.
How is Fortra helping me?
Fortra is actively researching this threat to build detection capabilities.
Alert Logic Network IDS: Alert Logic released new IDS signatures to detect exploit attempts for this vulnerability and aid in further detection research.
Alert Logic Vulnerability Scanning: Alert Logic released authenticated scan coverage on November 20, 2024, and agent-based scan detection on November 21 to identify this vulnerability.
Updates
Fortra has kicked off the Emerging Threats process for this vulnerability. This article will be updated with new information about this vulnerability and related security coverage as it becomes available.
11/20/2024: Alert Logic released authenticated scan coverage to identify this vulnerability.
11/21/2024: Alert Logic released agent-based scan detection to identify vulnerable instances.
12/04/2024: Alert Logic released new IDS signatures to detect exploit attempts for this vulnerability.
Comments
0 comments
Please sign in to leave a comment.