CISA Alerts on Vulnerabilities in Palo Alto Networks Tool
/ 1 min read
CISA warns of critical vulnerabilities in Palo Alto Networks’ Expedition tool. Two serious security flaws, CVE-2024-9463 and CVE-2024-9465, are being actively exploited, allowing attackers to execute arbitrary commands and access sensitive database contents on unpatched systems. Palo Alto Networks has released updates to address these vulnerabilities and recommends that administrators restrict access to the Expedition tool until they can apply the patches. Federal agencies have been ordered to implement these updates by December 5, as part of a binding operational directive.