Vulnerability detail
Enriched intelligence for a single CVE
Medium
CVE-2024-9474
PUBLISHED
PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface
- Vendor: Palo Alto Networks
- Product: Cloud NGFW, PAN-OS, Prisma Access
- Published: Nov 18, 2024
- EPSS: —
Description
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
CVSS scores
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red
SSVC decision points
- Exploitation: active
- Automatable: No
- Technical impact: total
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Nov 18, 2024 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/panos_management_unauth_rce.rb | Apr 28, 2025 |
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-9474.yaml | Apr 25, 2025 |
| Nessus | https://www.tenable.com/plugins/nessus/211513 | Nov 18, 2024 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2024-12-11 03:10:41 UTC · 2 stars
Palo Alto Networks PAN-OS(CVE-2024-9474) POC
github · Created 2024-11-19 22:03:13 UTC · 8 stars
github · Created 2024-11-19 17:26:27 UTC · 45 stars
PAN-OS auth bypass + RCE
Timeline
- CVE ID Reserved
- Added to KEVIntel
- CVE Published to Public
- Detected by Nessus
- Proof of Concept Exploit Available
- Detected by Nuclei
- Detected by Metasploit
- Exploit Used in Malware