Contact

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012

NetmanageIT OpenCTI - opencti.netmanageit.com

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012



SUMMARY :

A critical authentication bypass vulnerability (CVE-2024-0012) in Palo Alto Networks PAN-OS software allows unauthenticated attackers to gain administrator privileges on affected devices. The issue affects PAN-OS versions 10.2, 11.0, 11.1, and 11.2, but not Cloud NGFW or Prisma Access. Limited exploitation attempts have been observed, primarily from anonymous VPN services. Post-exploitation activities include command execution and webshell deployment. Palo Alto Networks is actively monitoring the situation, dubbed Operation Lunar Peek, and has released patches. Customers are urged to update their systems and restrict management interface access to trusted internal IP addresses to mitigate the risk.

OPENCTI LABELS :

vpn,authentication bypass,privilege escalation,webshell,pan-os,cve-2024-9474,cve-2024-0012


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012