On November 18, 2024, Palo Alto Networks (PAN) fully disclosed two serious vulnerabilities in PAN-OS software that had previously been partially disclosed on November 8th. The first vulnerability, CVE-2024-0012, is a critical severity (9.3) authentication bypass in the PAN-OS management web interface. It allows unauthenticated attackers with network access to gain administrator privileges by bypassing the authentication check entirely, essentially telling the server not to check for authentication at all.

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges and perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474.

IONIX today announced the release of our Cloud Exposure Validator, a tool designed to reduce cloud vulnerability management noise shifting focus to findings that represent the biggest threats. The Validator addresses the growing challenges organizations face in managing cloud security risks effectively. This blog post explains how.

A critical authentication bypass vulnerability has been identified in the WordPress plugin Really Simple Security (formerly known as Really Simple SSL), affecting both its free and Pro versions.

External Attack Surface Management, or EASM, has become a necessary component of a proactive cybersecurity strategy. According to research from Enterprise Strategy Group, over 65% of breaches stem from a compromised, externally exposed asset, so knowing your attack surface is key to avoiding breaches. Gartner, for this reason, is recommending EASM as a key pillar in the new approach to proactive security they call Exposure Management.

Third-party vendors are essential for many business operations, from cloud providers to SaaS applications. However, they add to the ever-growing scope of an organization’s risk management. Third-party risk management (TPRM) is the process of identifying, assessing, and mitigating the security risks posed by vendors, contractors, and service providers that have access to your organization’s data or systems.

Two Citrix vulnerabilities (CVE-2024-8068 and CVE-2024-8069) can potentially lead to unauthenticated remote code execution. Note: according to the vendor, privilege escalation to NetworkService Account access in Citrix Session Recording and limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording is possible when an attacker is an authenticated user in the same intranet.

According to security researcher nol_tech CVE-2024–50340 is a critical vulnerability (CVSS: 7.3) affecting Symfony applications when the PHP directive register_argc_argv is enabled. By appending ?+--env=dev to a URL, attackers can force the application into the dev environment, granting remote access to the Symfony profiler. This exposure can lead to the leaking of sensitive information and potentially executing arbitrary code.

Savvy security leaders are moving from the legacy framework of vulnerability management to the emerging framework of exposure management because it solves their biggest challenges. The attack surface, which now contains cloud assets, distributed and mobile employees, and Internet of Things (IoT) integrated into every aspect of the workplace, is too complicated and changes too quickly to be managed with outdated methods and technologies.

Web applications are many organizations’ primary point of contact with their customers, but they’re also one of their greatest vulnerabilities. Most web applications contain at least one exploitable vulnerability, and the repercussions of a successful exploit can be devastating for an organization or its customers. In this article Web application security focuses on identifying, remediating, and defending web applications to reduce an organization’s vulnerability to attack.