KEVIntel

Vulnerability detail

Enriched intelligence for a single CVE

Back to KEVs

9.9

CVSS
Critical

CVE-2024-9463

PUBLISHED

Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure

Exploited in the wild Remote Low complexity No user interaction

Vendor: Palo Alto Networks
Product: Expedition
Published: Oct 09, 2024
EPSS: —

Description

An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

cisa nuclei_scanner edge nessus_scanner

CVSS scores

CVSS v4.0 9.9 Critical

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber

Exploitation status

Exploited in the wild

Recorded 2024-11-14 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: Yes
Technical impact: total

References

https://security.paloaltonetworks.com/PAN-SA-2024-0010

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Nov 14, 2024

Scanner integrations

Scanner	Reference	Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-9463.yaml	Apr 25, 2025
Nessus	https://www.tenable.com/plugins/nessus/209281	Oct 18, 2024

Timeline

CVE ID Reserved

October 03, 2024
CVE Published to Public

October 09, 2024
Detected by Nessus

October 18, 2024
Added to KEVIntel

November 14, 2024
Detected by Nuclei

April 25, 2025