Emerging Threats
OS Command Injection Vulnerability in GlobalProtect Gateway
Fri, 04/12/2024
Fortra is investigating a command injection vulnerability in the GlobalProtect Gateway in Palo Alto PAN-OS – CVE-2024-3400. The command injection allows an unauthenticated attacker to execute code on the device with root privileges. The vendor has announced mitigations for this vulnerability and is actively working on patches that are scheduled to be released on 04/14/2024.