Home Palo Alto Networks CVE-2024-3400

CRITICAL: THIS VULNERABILITY IS ACTIVELY BEING EXPLOITED IN THE WILD (CISA KEV CATALOG)

Back to Palo Alto Networks

CVE-2024-3400

Exploited

PAN-OS - GlobalProtect

Palo Alto Networks CVSS 10 Updated March 16, 2026

Threat Level CRITICAL

Executive Risk Summary

"A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. This vulnerability affects specific PAN-OS versions and distinct feature configurations, but does not impact Cloud NGFW, Panorama appliances, and Prisma Access."

Operational Audit Arsenal

Target Type Firmware Image

Target Asset PAN-OS

Standard Path Global Firmware

Manual Verification Required

This is a non-Windows asset (Palo Alto Networks). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.

Patch Impact Forecast

Reboot Required Likely

Network connectivity may be disrupted during the patching process

Internal Work Notes

Unauthenticated remote code execution vulnerability in GlobalProtect feature of PAN-OS, requiring immediate patching to prevent potential root-level access

Technical Intelligence & Operational Utilities • Delivered Weekly

Intelligence Sources

Official Advisoryhttps://security.paloaltonetworks.com/CVE-2024-3400

Official Advisoryhttps://unit42.paloaltonetworks.com/cve-2024-3400/

Official Advisoryhttps://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/

Official Advisoryhttps://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/

Official Advisoryhttps://security.paloaltonetworks.com/CVE-2024-3400

Official Advisoryhttps://unit42.paloaltonetworks.com/cve-2024-3400/

Official Advisoryhttps://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/

Official Advisoryhttps://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/

Official Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3400

Related Palo Alto Networks Threats

CVE-2024-5910 CVSS 9.8

Palo Alto Networks Expedition

CVE-2025-0107 CVSS 9.8

Expedition - Web UI

CVE-2024-5914 CVSS 9.8

Cortex XSOAR - CommonScripts Pack

Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.