CVE-2024-9463
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- October 03, 2024
- Published Date
- October 09, 2024
- Last Updated
- November 14, 2024
- Vendor
- Palo Alto Networks
- Product
- Expedition
- Description
- An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
- Tags
- Exploitation
- active
- Automatable
- Yes
- Technical Impact
- total
- Exploited in the Wild
- Yes (2024-11-14 00:00:00 UTC) Source
cisa
edge
nuclei_scanner
nessus_scanner
CVSS Scores
CVSS v4.0
9.9 - CRITICAL
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber
SSVC Information
Exploit Status
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2024-11-14 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-9463.yaml | 2025-04-26 00:00:00 UTC |
| Nessus | https://www.tenable.com/plugins/nessus/209281 | 2024-10-18 20:22:00 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Detected by Nessus
-
Added to KEVIntel
-
Detected by Nuclei