CVE-2024-2550

Description

A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

Confidentiality (Vulnerable System)

None

Integrity (Vulnerable System)

None

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Unchanged

Changed

Amber

Affected products

Palo Alto Networks / Cloud NGFWAll – All
Palo Alto Networks / Prisma AccessAll – All
paloaltonetworks / pan-os11.1.4 – 11.1.4
paloaltonetworks / pan-os11.1.4 – 11.1.4
paloaltonetworks / pan-os11.1.4 – 11.1.4
paloaltonetworks / pan-os11.1.4 – 11.1.4
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.3 – 11.1.3
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.2 – 11.1.2
paloaltonetworks / pan-os11.1.1 – 11.1.1
paloaltonetworks / pan-os11.1.1 – 11.1.1
paloaltonetworks / pan-os11.1.0 – 11.1.0
paloaltonetworks / pan-os11.1.0 – 11.1.0
paloaltonetworks / pan-os11.1.0 – 11.1.0
paloaltonetworks / pan-os11.1.0 – 11.1.0
paloaltonetworks / pan-os11.1 – 11.1
paloaltonetworks / pan-os11.0.5 – 11.0.5
paloaltonetworks / pan-os11.0.5 – 11.0.5
paloaltonetworks / pan-os11.0.4 – 11.0.4
paloaltonetworks / pan-os11.0.4 – 11.0.4
paloaltonetworks / pan-os11.0.4 – 11.0.4
paloaltonetworks / pan-os11.0.4 – 11.0.4
paloaltonetworks / pan-os11.0.4 – 11.0.4
paloaltonetworks / pan-os11.0.4 – 11.0.4
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.3 – 11.0.3
paloaltonetworks / pan-os11.0.2 – 11.0.2
paloaltonetworks / pan-os11.0.2 – 11.0.2
paloaltonetworks / pan-os11.0.2 – 11.0.2
paloaltonetworks / pan-os11.0.2 – 11.0.2
paloaltonetworks / pan-os11.0.2 – 11.0.2
paloaltonetworks / pan-os11.0.1 – 11.0.1
paloaltonetworks / pan-os11.0.1 – 11.0.1
paloaltonetworks / pan-os11.0.1 – 11.0.1
paloaltonetworks / pan-os11.0.1 – 11.0.1
paloaltonetworks / pan-os11.0.1 – 11.0.1
paloaltonetworks / pan-os11.0.0 – 11.0.0
paloaltonetworks / pan-os11.0.0 – 11.0.0
paloaltonetworks / pan-os11.0.0 – 11.0.0
paloaltonetworks / pan-os11.0.0 – 11.0.0
paloaltonetworks / pan-os11.0 – 11.0
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.10 – 10.2.10
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.9 – 10.2.9
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.8 – 10.2.8
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.7 – 10.2.7
paloaltonetworks / pan-os10.2.6 – 10.2.6
paloaltonetworks / pan-os10.2.6 – 10.2.6
paloaltonetworks / pan-os10.2.6 – 10.2.6
paloaltonetworks / pan-os10.2.6 – 10.2.6
paloaltonetworks / pan-os10.2.5 – 10.2.5
paloaltonetworks / pan-os10.2.5 – 10.2.5
paloaltonetworks / pan-os10.2.5 – 10.2.5
paloaltonetworks / pan-os10.2.5 – 10.2.5
paloaltonetworks / pan-os10.2.5 – 10.2.5
paloaltonetworks / pan-os10.2.5 – 10.2.5
paloaltonetworks / pan-os10.2.5 – 10.2.5
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.4 – 10.2.4
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os10.2.2 – 10.2.2
paloaltonetworks / pan-os10.2.2 – 10.2.2
paloaltonetworks / pan-os10.2.2 – 10.2.2
paloaltonetworks / pan-os10.2.2 – 10.2.2
paloaltonetworks / pan-os10.2.2 – 10.2.2
paloaltonetworks / pan-os10.2.2 – 10.2.2
paloaltonetworks / pan-os10.2.1 – 10.2.1
paloaltonetworks / pan-os10.2.1 – 10.2.1
paloaltonetworks / pan-os10.2.1 – 10.2.1
paloaltonetworks / pan-os10.2.0 – 10.2.0
paloaltonetworks / pan-os10.2.0 – 10.2.0
paloaltonetworks / pan-os10.2.0 – 10.2.0
paloaltonetworks / pan-os10.2.0 – 10.2.0
paloaltonetworks / pan-os10.2 – 10.2
paloaltonetworks / pan-os10.2.3 – 10.2.3
paloaltonetworks / pan-os11.1.4 – 11.1.4

References

MISChttps://security.paloaltonetworks.com/CVE-2024-2550