high
8.2
CWE
787
EPSS
0.043%
Advisory Published
CVE Published
Advisory Published
Updated

CVE-2024-9468: PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet (Severity: HIGH)

First published: Wed Oct 09 2024(Updated: )

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.

Credit: psirt@paloaltonetworks.com

Affected SoftwareAffected VersionHow to fix
Palo Alto Networks PAN-OS<10.2.9-h11=10.2<11.0.4-h5=11.0<11.1.3=11.1
10.2.9-h11
10.2.10-h4
10.2.11
11.0.4-h5
11.0.6
11.1.3
Palo Alto Networks Cloud NGFW
Palo Alto Networks Prisma Access

Remedy

This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions.

Remedy

Customers can block attacks for this vulnerability by disabling this setting: Device > Setup Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection. Customers with a Threat Prevention subscription, who want to keep domain fronting detection enabled, can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854).

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-9468?

    CVE-2024-9468 is categorized as a denial of service (DoS) vulnerability due to memory corruption in Palo Alto Networks PAN-OS.

  • How do I fix CVE-2024-9468?

    To mitigate CVE-2024-9468, upgrade to the latest patched version of PAN-OS recommended by Palo Alto Networks.

  • Who is affected by CVE-2024-9468?

    CVE-2024-9468 affects users of Palo Alto Networks PAN-OS versions up to 10.2.9-h11, 11.0.4-h5, and specific versions of Cloud NGFW and Prisma Access.

  • What is the impact of CVE-2024-9468?

    Exploitation of CVE-2024-9468 can lead to an attacker being able to crash PAN-OS, causing a denial of service condition.

  • Is CVE-2024-9468 remotely exploitable?

    Yes, CVE-2024-9468 can be exploited remotely by an unauthenticated attacker.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203