Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) : vimarsana.com

On April 10, 2024, Volexity identified zero-day exploitation of a vulnerability found within the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring (NSM) customers. Volexity received alerts regarding suspect network traffic emanating from the customer’s firewall. A subsequent investigation determined the device had been compromised. The following day, April 11, 2024, Volexity observed further, identical exploitation at another one of its NSM customers by the same threat actor.

Related Keywords

, Volexity Github , Volexity Network Security Monitoring , Palo Alto Network Globalprotect , Palo Alto Networks Globalprotect , Volexity Threat Research , Palo Alto Networks , Network Traffic Analysis , Lateral Movement Data , Zero Day Exploitation , Volexity Threat , Alto Networks , Palo Alto Global Protect , Palo Alto , Code Executed , Active Directory , Microsoft Edge , Virtual Private Servers , Google Chrome , Global Protect , Endpoint Detection , Palo Alto Globalprotect , Tech Support File , Tech Support , Memory Analysis , Volexity Volcano , Network Security Monitoring ,