Exploit code for Palo Alto Networks zero-day now public

Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways.

The PoCs started rolling out just a day after the vendor began releasing hotfixes for the issue on Monday. Researchers have echoed previous warnings about how easy the vulnerability is to use in attacks, and said that many organizations could be compromised as a result.

Cybersecurity biz watchTowr Labs was the first to release a detailed analysis of CVE-2024-3400, along with a PoC, despite cheekily saying it no longer releases them.

Rapid7 rolled out its own soon after, explaining that a successful exploit is actually dependent on a chain of two vulnerabilities: CVE-2024-3400 and one that hasn't yet been assigned a CVE.

Before command injection can be achieved, researchers demonstrated that an attacker must be able to create arbitrary files. 

They showed that a file can be created ...