CVE-2024-3384 | PAN-OS Operational Intel

Executive Risk Summary

"A vulnerability in Palo Alto Networks PAN-OS software allows a remote attacker to reboot PAN-OS firewalls by sending Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks can cause the firewall to enter maintenance mode, requiring manual intervention to restore service."

Operational Audit Arsenal

Target Type Service

Target Asset PAN-OS firewall service

Standard Path %PAN-OS installation directory%

PowerShell

# 🛠️ Senior Engineer Universal Audit
# Target: PAN-OS firewall service (Service)
$Targets = 'PAN-OS firewall service'
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")

Get-ChildItem -Path $SearchPaths -Include $Targets -Recurse -ErrorAction SilentlyContinue | 
Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}

Patch Impact Forecast

Reboot Required Likely

Network traffic and security services

Internal Work Notes

PAN-OS firewall vulnerability CVE-2024-3384 - Remote reboot and potential maintenance mode due to NTLM packet attacks

Technical Intelligence & Operational Utilities • Delivered Weekly

Intelligence Sources

Official Advisoryhttps://security.paloaltonetworks.com/CVE-2024-3384

Related Palo Alto Networks Threats

CVE-2024-3400 CVSS 10

PAN-OS - GlobalProtect

CVE-2025-0107 CVSS 9.8

Expedition - Web UI

CVE-2024-5910 CVSS 9.8

Palo Alto Networks Expedition

Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.