Threat Intelligence / CVE / CVE-2024-3393

CVE-2024-3393

CISA KEV

CVSS 7.5 (HIGH) · EPSS 77.7% · Published 2024-12-27

A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weaknesses (CWE)

CWE-754

Threats tracking this CVE

CVE-2024-3393 PAN-OS DNS Security DoS — Unauthenticated Firewall Crash Forces Maintenance Mode, Perimeter Security Collapse — HIGH

References

https://security.paloaltonetworks.com/CVE-2024-3393
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3393

Full detection coverage & IOCs for threats exploiting CVE-2024-3393 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence