r/sysadmin • u/soul_stumbler Security Admin • 1d ago
Palo CVE-2024-3393 CVE 8.7
I'm sure many of you have seen this CVE:
https://security.paloaltonetworks.com/CVE-2024-3393
At the high level, a crafted packet can reboot your firewall and eventually put it in maintenance mode. The workaround is to disable your anti-spyware DNS policies so that they do not log events.
They do not mention that you cannot change the predefined default value for the spyware policy. So, if you update all your other profiles, make sure to update all your policies not to use your default policy.
Happy patching!
59 Upvotes
12
u/2nP1nk1nSt1nk 1d ago
Another freaking Palo CVE!