IsItPatchedInstant security status for any software version
← All products

CVE-2024-0012

CRITICAL severity · CVSS 9.8 · Missing authentication · actively exploited (CISA KEV)
9.8CVSS CRITICAL ● exploited ⚠ ransomware
🔴 Actively exploited in the wild (CISA Known Exploited Vulnerabilities). ⚠ Known use in ransomware campaigns. Added to KEV 2024-11-18. US federal agencies must patch by 2024-12-09.

Summary

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Impact & exploitability

Attack vectorNetwork
Attack complexityLow
Privileges requiredNone
User interactionNone
Confidentiality impactHigh
Integrity impactHigh
Availability impactHigh
Exploit probability (EPSS)94%

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products we track (1)

Palo Alto PAN-OS

Recommendation

This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.

Additional information

Last checked: Wed, 10 Jun 2026 22:18:30 UTC