Palo Alto Networks—Critical zero-day vulnerability CVE-2024-3400 in Palo Alto firewalls exploited on 6,634 devices, allowing root access

Apr 12, 2024

In April 2024, a command injection vulnerability CVE-2024-3400 with CVSS score of 10 allowed unauthenticated attackers to execute arbitrary code with root privileges on Palo Alto Networks firewalls. The vulnerability impacted the GlobalProtect gateway/portal VPN feature on PAN-OS devices. Shadowserver Foundation scanning found 6,634 devices vulnerable and likely exploited. Additional November 2024 vulnerabilities led to about 2,000 firewalls breached worldwide.

Scoring Impact

Topic	Direction	Relevance	Contribution
AI Safety	-against	secondary	-0.50
Data Security	-against	primary	-1.00
Overall incident score =			-0.885

Score = avg(topic contributions) × significance (critical ×2) × confidence (0.59)

Evidence (1 signal)

Confirms product_decision Apr 12, 2024 verified

Palo Alto firewall vulnerability CVE-2024-3400 with CVSS 10 exploited on 6,634 devices allowing root access

In April 2024, a command injection vulnerability CVE-2024-3400 with maximum CVSS score of 10 allowed unauthenticated attackers to execute arbitrary code with root privileges on Palo Alto Networks firewalls. The vulnerability affected GlobalProtect gateway/portal VPN feature. Shadowserver Foundation found 6,634 devices vulnerable and likely exploited.

The Record,Cybersecurity Dive

Related: Same Topics

Arvind Krishna · Announced pause on hiring for 8,000 back-office roles that could be replaced by AI and automation

May 1, 2023

Demis Hassabis · Signed AI extinction risk statement calling for global priority on AI safety

May 30, 2023

Ilya Sutskever · Led OpenAI board's ouster of CEO Sam Altman over safety and governance concerns

Nov 17, 2023

Ilya Sutskever · Founded Safe Superintelligence Inc. (SSI) focused exclusively on AI safety

Jun 19, 2024

Jan Leike · Resigned from OpenAI criticizing company for prioritizing 'shiny products' over AI safety

May 17, 2024