US Internet Security Giant Palo Alto Networks has warned that hackers are using another weakness on his firewall software to enter the networks of unfulfilled clients.
The attackers are taking advantage of a recent discovered weakness at the PAN-OO, the operating system running the Firewalls Palo Alto Networks, the California-based-based company confirmed Tuesday.
The Asssetnote Internet Security firm first discovered the sensitivity, followed as CVE-2015-0108, earlier this month while analyzing two previous Palo Alto Firewall weaknesses used in previous attacks.
Palo Alto Networks issued a counseling on the same day and called on clients to urgently go against the last mistake. The company updated its advice on Tuesday to warn that weakness is under active attack.
The company said malicious attackers were occupying the vulnerability with two previously discovered-CC-2014-9474 and CVE-2015-0111-to aim for the management interfaces of the Undell and Uncertain Pan-os web. Cve-2024-9474 has been used in attacks since November 2024, we have reported earlier.
Palo Alto Networks did not explain how the three weaknesses are chained together by hackers, but noted that the complexity of the attack is “low”.
The rate of exploitation is not known yet, but the beginning of the intelligence of the threat Greynoise said in a blog post on Tuesday that it has noticed 25 IP addresses actively utilizing PAN-OO sensitivity, from the two IP address on February 13, suggesting one increase in the activity of exploitation. The exploitation efforts have been flags by Greynoise as “malicious”, suggesting that threat actors are behind the exploitation than security researchers.
“This flaw with high security allows unauthorized attackers to execute specific PHP logs, potentially leading to unauthorized access to vulnerable systems,” Greynoise said.
Graynoise says it has noticed the highest levels of attack traffic in the US, Germany and the Netherlands.
It is not known who is behind these attacks, or if any sensitive data has been stolen from client networks. Palo Alto networks did not immediately answer Techcrunch’s questions.
CISA, the US government’s online security agency, added Tuesday to the latest Palo Alto Bug Alto Bug catalog.
