the cybersecurity giant updated its advisory for CVE-2024-3400 to include a link to a knowledge base article providing remediations depending on the exploitation attempt’s level of success.
Palo Alto Networks previously provided information on checking whether a device has been compromised or targeted by threat actors.
Attacks exploiting CVE-2024-3400 to hack Palo Alto firewalls came to light on April 12, when the vendor and cybersecurity firm Volexity issued warnings about the zero-day being leveraged in limited attacks.
Volexity tracks the threat actor as UTA0218 and Palo Alto is tracking the initial exploitation of the vulnerability as Operation MidnightEclipse. Exploitation has increased following the release of PoC code.