Palo Alto PAN-OS GlobalProtect Command Injection Under Active Exploitation (CVE-2024-3400)
Scope: Palo Alto Networks PAN-OS (GlobalProtect Gateway)
Severity: Red
A critical command injection vulnerability in Palo Alto Networks PAN-OS affects devices with the GlobalProtect gateway enabled, allowing unauthenticated attackers to execute arbitrary commands directly on vulnerable firewalls. Successful exploitation lets an attacker bypass perimeter security entirely, deploy malware or ransomware, establish persistent access, and move laterally across enterprise networks. Organizations should apply patches immediately, restrict external exposure of management and GlobalProtect interfaces, and implement network segmentation to contain potential attacker movement.
The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.