Palo Alto Networks issued fixes to address five significant Expedition customer migration tool flaws, which could be leveraged to compromise PAN-OS firewall accounts, reports SecurityWeek.
The most serious of the resolved vulnerabilities was the critical OS command injection issue, tracked as CVE-2024-9463, which could be exploited to expose firewalls' usernames, cleartext passwords, API keys, and configurations, according to Palo Alto Networks.
Palo Alto Networks also noted similar data exposure could occur from the abuse of another critical bug of the same nature, tracked as CVE-2024-9464. Palo Alto Networks also patched a critical SQL injection flaw, tracked as CVE-2024-9465, which could be used to compromise usernames and password hashes within Expedition databases, as well as the high-severity bugs, tracked as CVE-2024-9466 and CVE-2024-9467, which could be utilized to reveal sensitive firewall details and execute malicious JavaScript for phishing intrusions, respectively.
Aside from ensuring updates to Expedition iterations 1.2.96 and later, organizations are urged to mitigate attack risk by rotating both Expedition and firewall credentials.
