// For flags

CVE-2024-2551

PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet

Severity Score

8.7
*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.

Una vulnerabilidad de desreferencia de puntero nulo en el software PAN-OS de Palo Alto Networks permite a un atacante no autenticado detener un servicio central del sistema en el firewall mediante el envío de un paquete manipulado a través del plano de datos que provoca una condición de denegación de servicio (DoS). Los intentos repetidos de activar esta condición hacen que el firewall entre en modo de mantenimiento.

*Credits: a customer
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
None
None
Integrity
None
None
Availability
High
None
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
None
None
Integrity
None
None
Availability
High
None
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-03-15 CVE Reserved
  • 2024-11-14 CVE Published
  • 2024-11-14 CVE Updated
  • 2024-11-15 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-476: NULL Pointer Dereference
CAPEC
  • CAPEC-129: Pointer Manipulation
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://security.paloaltonetworks.com/CVE-2024-2551 2024-11-14
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Palo Alto Networks
Search vendor "Palo Alto Networks"
 PAN-OS
Search vendor "Palo Alto Networks" for product "PAN-OS"
 >= 11.0.0 < 11.0.5
Search vendor "Palo Alto Networks" for product "PAN-OS" and version " >= 11.0.0 < 11.0.5"
en
Affected
Palo Alto Networks
Search vendor "Palo Alto Networks"
 PAN-OS
Search vendor "Palo Alto Networks" for product "PAN-OS"
 >= 10.1.0 < 10.1.14
Search vendor "Palo Alto Networks" for product "PAN-OS" and version " >= 10.1.0 < 10.1.14"
en
Affected