PAN-OS GlobalProtect Gateway Unauthorized VPN Bypass via IP
CVE-2024-0009 Published on February 14, 2024
PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address.
Vulnerability Analysis
CVE-2024-0009 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.
Timeline
Initial publication
Weakness Type
Improper Verification of Source of a Communication Channel
The software establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin. When an attacker can successfully establish a communication channel from an untrusted origin, the attacker may be able to gain privileges and access unexpected functionality.
Products Associated with CVE-2024-0009
Want to know whenever a new CVE is published for Palo Alto Networks PAN-OS? stack.watch will email you.
Affected Versions
Palo Alto Networks PAN-OS:- Version 9.0 is unaffected.
- Version 9.1 is unaffected.
- Version 10.1 is unaffected.
- Version 10.2 and below 10.2.4 is affected.
- Version 11.0 and below 11.0.1 is affected.
- Version 11.1 is unaffected.
- Version All is unaffected.
- Version All is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.