What is the Vulnerability?Attackers are exploiting, a Denial-of-Service vulnerability (CVE-2024-3393) in the DNS Security feature of Palo Alto Networks PAN-OS. This vulnerability allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall, causing it to crash and reboot, potentially leading to Denial of Service (DoS).CISA has also added CVE-2024-3393 to its Known Exploited Vulnerability (KEV) Catalog on December 12, 2024.What is the recommended Mitigation?Palo Alto Networks has released a patch for CVE-2024-3393 and noted in their advisory, that they are “aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue”. For detailed guidance, visit https://security.paloaltonetworks.com/CVE-2024-3393 What FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the fix provided by the vendor and follow instructions as mentioned on the vendor’s advisory. The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
