Due to an uptick of observed unauthenticated threat activity against publicly exposed firewall management interfaces or misconfigured devices, Palo Alto Networks has updated its security advisories for customers to ensure they remain in accordance with best practice security and deployment guidelines for its products.
Relevance:
This advisory is relevant to customers with Palo Alto devices with management ports that may be in any part accessible outside of isolated VLANs or internal networks. It includes guidance on identifying potentially vulnerable devices, advice for pinpointing active exploitation/compromise, and verifying/changing management settings to ensure future protection.
Recommendations:
Visit the advisory at https://security.paloaltonetworks.com/PAN-SA-2024-0015 for the full guidance.
