Palo Alto Networks warns of firewall RCE zero-day exploited in attacks

A zero-day vulnerability in Palo Alto Networks' PAN-OS User-ID Authentication Portal is being actively exploited by attackers, allowing for remote code execution (RCE) on affected firewalls. This critical-severity flaw poses a significant risk to organizations relying on these firewalls for security. The vulnerability is unpatched, meaning that attackers can exploit it until a fix is released. Palo Alto Networks has warned customers of the vulnerability, emphasizing the need for immediate action to assess exposure and mitigate potential attacks¹. The fact that this zero-day is being exploited in the wild means that the window for patching is rapidly shrinking. Organizations using affected firewalls must take swift action to protect themselves from potential breaches. This vulnerability's exploitation highlights the importance of timely patch management and vulnerability assessment, so what matters most to security practitioners is the urgent need to evaluate their firewall configurations and apply patches as soon as they become available.