TRY NOW

Palo Alto Networks Vulnerability Audit – November 2024

Security Software Vulnerability

Discover Palo Alto PAN-OS Instances Vulnerable to CVE-2024-0012 and CVE-2024-9474

Palo Alto has released security updates addressing 2 zero-day vulnerabilities in the PAN-OS software that are already under active exploitation. The vulnerabilities addressed are CVE-2024-0012 – an authentication bypass with a critical severity score of 9.3 – and CVE-2024-9474 – a privilege escalation vulnerability with a medium severity score of 6.9. As these vulnerabilities have already been exploited, it is advisable to update your systems as soon as possible. You can read more in our PAN-OS vulnerability blog post.

The report below will help you locate vulnerable devices that could be running the affected versions of PAN-OS. This way you have an actionable overview of all affected devices that you still need your intervention.

Run the Palo Alto PAN-OS Vulnerability Audit Report Now!

Palo Alto Networks PAN-OS Vulnerability Audit Lansweeper On-Prem Query

Select Top 1000000 tblAssets.AssetID,
tsysAssetTypes.AssetTypeIcon10 As Icon,
tblAssets.AssetName,
tblAssets.Description,
tblAssets.IPAddress,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysIPLocations.IPLocation,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Firstseen,
tblAssets.Lastseen
From tblAssets
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Left Outer Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblState.Statename = 'Active' and tblAssetCustom.Manufacturer LIKE '%Palo%Alto%'and 
(tblAssets.Description Like '%PA%220%Series%' or
tblAssets.Description Like '%PA%400%Series%' or
tblAssets.Description Like '%PA%800%Series%' or
tblAssets.Description Like '%PA%1400%Series%' or
tblAssets.Description Like '%PA%3200%Series%' or
tblAssets.Description Like '%PA%3400%Series%' or
tblAssets.Description Like '%PA%5200%Series%' or
tblAssets.Description Like '%PA%5400%Series%' or
tblAssets.Description Like '%PA%7000%Series%' or
tblAssets.Description Like '%VM%Series%' or
tblAssets.Description Like '%CN%Series%' or
tblAssets.Description Like '%M%200%' or
tblAssets.Description Like '%M%600%' or
tblAssets.Description Like '%M%700%' or
tblAssets.Description Like '%WF%500%' or
tblAssets.Description Like '%Panorama%Virtual%Appliance%');

Show

Hide

NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.