From ab9061a9d2fd61bcb684e780152dfdaf593d0330 Mon Sep 17 00:00:00 2001 From: Muhammad <125419051+mahmadhabib076@users.noreply.github.com> Date: Mon, 30 Dec 2024 10:26:02 +0800 Subject: [PATCH] PAN-OS Vulnerability Now Exploited in the Wild - 20241230001 (#1146) * PAN-OS Vulnerability Now Exploited in the Wild - 20241230001 * Format markdown docs --------- Co-authored-by: mahmadhabib076 --- ...Vulnerability-Now-Exploited-in-the-Wild.md | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 docs/advisories/20241230001-PAN-OS-Vulnerability-Now-Exploited-in-the-Wild.md diff --git a/docs/advisories/20241230001-PAN-OS-Vulnerability-Now-Exploited-in-the-Wild.md b/docs/advisories/20241230001-PAN-OS-Vulnerability-Now-Exploited-in-the-Wild.md new file mode 100644 index 00000000..c8753abc --- /dev/null +++ b/docs/advisories/20241230001-PAN-OS-Vulnerability-Now-Exploited-in-the-Wild.md @@ -0,0 +1,25 @@ +# PAN-OS Vulnerability Now Exploited in the Wild - 20241230001 + +## Overview + +Palo Alto Networks has issued a security advisory concerning a critical vulnerability in the DNS Security feature of its PAN-OS software. Exploitation of the vulnerability could allow an unauthenticated attacker to disrupt firewall operations and force them into maintenance mode. + +## What is vulnerable? + +| Product(s) Affected | Version(s) | CVE | CVSS | Severity | +| ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | ---- | -------- | +| PAN-OS Software | **PAN-OS 11.2:** < 11.2.3
**PAN-OS 11.1:** < 11.1.5
**PAN-OS 10.2:** >= 10.2.8, < 10.2.14
**PAN-OS 10.1:** >= 10.1.14, < 10.1.15 | [CVE-2024-3393](https://nvd.nist.gov/vuln/detail/CVE-2024-3393) | 8.7 | High | + +## What has been observed? + +There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing. + +## Recommendation + +The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)): + +- PaloAlto: + +## Additional References + +- Cybersecurity News:
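Review bot: In the Overview paragraph the vulnerability is described as "critical", but the table row for CVE-2024-3393 lists CVSS 8.7 with Severity "High"; use one rating in both places, for example "a high-severity vulnerability" in the Overview. The title says the issue is "Now Exploited in the Wild", yet neither the Overview nor "What has been observed?" states that exploitation has been seen anywhere, only that there is no evidence of it on Western Australian Government networks; a sentence stating the observed exploitation and its source would back the title. As shown, the `- PaloAlto:` bullet under Recommendation and the `- Cybersecurity News:` bullet under Additional References carry no link, so the reader is told to follow vendor instructions without being pointed to them. Minor wording: "force them into maintenance mode" reads as if "them" were the operations rather than the firewalls, and "within expected timeframe" is missing "the".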