Understand the PAN-OS firewall zero-day, how it was exploited, and how Arctic Wolf’s proactive security measures was able to stop the threat.

ArcticWolf's platform is a central hub for cybersecurity professionals, offering insights into managed detection and response (MDR), threat intelligence, and security operations. Through articles, reports, and webinars, ArcticWolf offers insights into detecting and responding to cybersecurity threats effectively. Security analysts can learn about threat hunting, incident response strategies, and security best practices to protect organizations from cyberattacks.

Arctic Wolf

In April 2024, Palo Alto Networks disclosed a critical zero-day vulnerability, CVE-2024-3400, affecting their PAN-OS firewalls with a severity score of 10.0. The vulnerability allows remote attackers to execute arbitrary code with root privileges. Upon its disclosure, approximately 22,542 internet-exposed firewall devices were vulnerable. Security teams quickly worked to mitigate the threat, stopping attacks in their tracks with proactive measures. Arctic Wolf prevented exploitation through active customer communication and monitoring, successfully thwarting multiple attacks and preventing ransomware infections.

Anatomy of a Cyber Attack: PAN-OS Firewall Zero-Day I Arctic Wolf

What Is CVE-2024-3400, the PAN-OS Firewall Zero-Day?

The Stages of Attack: A Typical Exploit of CVE-2024-3400

How Arctic Wolf Prevented Exploitation of CVE-2024-3400