PAN-OS: null pointer dereference (CVE-2024-2550) #shorts #breaking

CVE

This CVE describes a vulnerability in the GlobalProtect gateway of Palo Alto Networks PAN-OS, affecting versions 10.2.0 up to but not including 10.2.11, 11.0.0 up to but not including 11.0.6, and 11.1.0 up to but not including 11.1.5. The issue is a null pointer dereference (CWE-476) that allows an unauthenticated attacker to stop the GlobalProtect service on the firewall. By sending a specially crafted packet, an attacker can cause the service to terminate, producing a denial of service condition. If the condition is triggered repeatedly, the firewall enters maintenance mode, which disrupts network operations.

Watch the full video on YouTube: CVE-2024-2550

CVE database technical details

CVE ID
CVE-2024-2550
Description
A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Provider
palo_alto
CWE / problem types
CWE-476 NULL Pointer Dereference
Affected Software Versions
Palo Alto Networks Cloud NGFW: all versions unaffected
Palo Alto Networks PAN-OS:
  11.2.0: unaffected
  11.1.0 and later, less than 11.1.5: affected (unaffected from 11.1.5)
  11.0.0 and later, less than 11.0.6: affected (unaffected from 11.0.6)
  10.2.0 and later, less than 10.2.11: affected (unaffected from 10.2.11)
  10.1.0: unaffected
Palo Alto Networks Prisma Access: all versions unaffected
Date Published
2024-11-14T09:40:38.838Z
Last Updated
2024-11-14T14:11:24.889Z
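As an added example (not code from the page or from Palo Alto Networks), the following Python encodes the affected PAN-OS ranges from the record above so a defender can check an inventory of version strings; it assumes a "-hN" hotfix suffix does not move a release out of its base version, which matches the "less than" boundaries the record gives.

```python
# Added example: is a PAN-OS version inside the CVE-2024-2550 affected ranges?
# Ranges are copied from the CVE record above (first affected, first fixed).
# Assumption for this example: a hotfix suffix such as "-h2" is ignored, since
# the record only states "less than X.Y.Z" boundaries.

import re
from typing import Optional, Tuple

AFFECTED_RANGES = [
    ((10, 2, 0), (10, 2, 11)),
    ((11, 0, 0), (11, 0, 6)),
    ((11, 1, 0), (11, 1, 5)),
]

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h\d+)?$")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH' with an optional '-hN' hotfix suffix."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the version lies in [first affected, first fixed) of a branch."""
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def fixed_version_for(version: str) -> Optional[str]:
    """Return the first fixed release for an affected version, else None."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if lo <= v < hi:
            return ".".join(str(x) for x in hi)
    return None


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for sample in ["10.2.10", "10.2.11", "11.0.5-h2", "11.1.5", "11.2.0", "10.1.3"]:
        state = "affected" if is_affected(sample) else "not affected"
        print(f"{sample}: {state} {fixed_version_for(sample) or ''}".rstrip())
```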