Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways.
The Zero Day Bug was found in popular firewalls
The PoCs began rolling out just a day after the vendor began releasing hotfixes for the problem on Monday. Researchers have reiterated earlier warnings about the vulnerability's ease of use in attacks, saying many organizations could be compromised as a result.
Cybersecurity biz watchTowr Labs was the first to release a detailed analysis of CVE-2024-3400, along with a PoC, despite brazenly saying they are no longer releasing them.
Rapid7 rolled out its own shortly after, explaining that a successful exploit actually relies on a chain of two vulnerabilities: CVE-2024-3400 and one that has yet to be assigned a CVE.
