“Palo Alto Networks has observed threat activity exploiting an unauthenticated remote command execution vulnerability against a limited number of firewall management interfaces that are exposed to the Internet,” Palo Alto Networks said in another advisory update, adding, “We don’t have sufficient information about any indicators of compromise to share at the moment.”
If a compromise is suspected, customers are advised to monitor for suspicious activity such as unrecognised configuration changes or users.
As further workarounds, all Expedition and firewall usernames, passwords, and API keys should be rotated, Expedition software should be shut down when not in use, and network access to Expedition should be restricted to authorised users, hosts, or networks, the company added.