VDB
CVE-2024-2550
CVE-2024-2550
PUBLISHED
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein speziell gestaltetes Paket sendet. Wiederholte Versuche, diesen Zustand auszulösen, führen dazu, dass die Firewall in den Wartungsmodus wechselt.
EPSS 0.36% · 58.1th percentile
Risk Scores
EPSS Score
0.36%
58.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.0.2 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.11 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.9-14 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.1.7 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.1.3-h10 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.1.4 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.1.2-h14 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.0.6 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.7-h16 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.8-h13 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.5 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.1.5 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.4-h5 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.4-h6 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.1.14 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.10-h7 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.1.11 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.0.3 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.1.10 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.0.5 |
Exploit Intelligence
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- CIRCL seen: CVE-2024-2550 (circl-sighting)
- https://security.paloaltonetworks.com/CVE-2024-2550 (circl)
Timeline
- Nov 13, 2024 PoC Published
- Nov 13, 2024 PoC Published
- Nov 13, 2024 CVE Published
- Nov 14, 2024 Coalition ESS Score
- Nov 14, 2024 PoC Published
- Nov 14, 2024 PoC Published
- Nov 15, 2024 EPSS Score
- Nov 15, 2024 Coalition ESS Score
- Nov 18, 2024 PoC Published
- Dec 3, 2024 PoC Published
- Dec 4, 2024 EPSS Score
- Dec 20, 2024 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465 advisory
- https://security.paloaltonetworks.com/CVE-2024-2550 advisory
- https://security.paloaltonetworks.com/CVE-2024-2551 advisory
- https://security.paloaltonetworks.com/CVE-2024-2552 advisory
- https://security.paloaltonetworks.com/CVE-2024-5917 advisory
- https://security.paloaltonetworks.com/CVE-2024-5918 advisory
- https://security.paloaltonetworks.com/CVE-2024-5919 advisory
- https://security.paloaltonetworks.com/CVE-2024-5920 advisory
- https://security.paloaltonetworks.com/CVE-2024-9472 advisory