{"vulnerability": "CVE-2024-5910", "sightings": [{"uuid": "fa5e3aa3-57a4-4ccb-9edf-fab280e61c8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://thehackernews.com/2024/11/cisa-alerts-to-active-exploitation-of.html", "content": "", "creation_timestamp": "2024-11-08T05:17:00.000000Z"}, {"uuid": "79cc6411-208f-4ee9-9e61-cfbbce30f59c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "", "content": "", "creation_timestamp": "2024-11-07T20:16:32.104587Z"}, {"uuid": "a23a2d9e-da51-4ae9-9816-e9b93517c277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://security.paloaltonetworks.com/CVE-2024-5910", "content": "", "creation_timestamp": "2024-11-07T22:25:00.000000Z"}, {"uuid": "82d8b482-234c-44e4-af08-22254bf68f84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442403763317792", "content": "", "creation_timestamp": "2024-11-07T15:35:10.432154Z"}, {"uuid": "0176a53f-4e36-425e-b616-d6eca32573b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/113442673510281546", "content": "", "creation_timestamp": "2024-11-07T16:43:47.514644Z"}, {"uuid": "597e1975-e867-4832-a646-b34c4c28d9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2623045", "content": "", "creation_timestamp": "2024-11-07T18:26:12.774733Z"}, {"uuid": "a8924efb-cc50-48a7-80da-ed9a4fff6ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://infosec.exchange/users/patchnow24x7/statuses/113445137999456682", "content": "", "creation_timestamp": "2024-11-08T03:10:31.337611Z"}, {"uuid": "c2a6d088-793a-4fe7-89fa-e1fbafb5b707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-5910", "type": "seen", "source": "https://social.skynetcloud.site/users/jos1264/statuses/113447298873185006", "content": "", "creation_timestamp": "2024-11-08T12:20:11.040340Z"}, {"uuid": "6f448a6d-83d4-416b-9993-7f5e8f252704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-5910", "type": "seen", "source": "https://social.skynetcloud.site/users/jos1264/statuses/113447298943606421", "content": "", "creation_timestamp": "2024-11-08T12:20:14.985215Z"}, {"uuid": "18c490c1-d4d6-4a03-b603-21693fb42234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/113447437619338174", "content": "", "creation_timestamp": "2024-11-08T12:55:20.668515Z"}, {"uuid": "d5e60917-b8e7-4163-bbb4-0af09cb16b1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-5910", "type": "seen", "source": "https://social.skynetcloud.site/users/jos1264/statuses/113448321255399528", "content": "", "creation_timestamp": "2024-11-08T16:40:25.542987Z"}, {"uuid": "c1cec65b-e4d7-4b84-b1b2-db8147f9668b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://social.skynetcloud.site/users/jos1264/statuses/113450365884278213", "content": "", "creation_timestamp": "2024-11-09T01:20:04.635063Z"}, {"uuid": "f291cc0b-3346-42be-a9c5-f10ee151f608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-11-07T18:10:03.000000Z"}, {"uuid": "7b4389e3-a2f1-47e7-8bcc-fd26f89a30dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://packetstormsecurity.com/files/182665/paloalto_expedition_rce.rb.txt", "content": "", "creation_timestamp": "2024-11-13T14:55:01.000000Z"}, {"uuid": "59519df6-fd8e-49d7-8db7-ea5fee0f99a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:05.000000Z"}, {"uuid": "c54a4d8e-51de-463a-984d-440cbb2cfef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "e3738776-1223-43e5-a59b-ff5bab71f73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:01.000000Z"}, {"uuid": "9190ece4-e5f0-44fb-b2c0-5f102efd8919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9a244593-1a18-488c-b958-136fe4591610", "content": "", "creation_timestamp": "2026-02-02T12:26:24.793081Z"}, {"uuid": "2f6da5e6-b7f1-4512-8043-0a388da403f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "92f99b3c-cf07-4baf-b3a8-ae4f6e1c24ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/paloalto_expedition_rce.rb", "content": "", "creation_timestamp": "2024-11-12T23:19:17.000000Z"}, {"uuid": "06d02eb0-99d7-431b-8249-258693b25bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1331", "content": "", "creation_timestamp": "2024-07-12T04:00:00.000000Z"}, {"uuid": "28124997-f2a1-4a4a-bffc-abf236013809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://t.me/cvedetector/576", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5910 - Missing authentication for a critical function in\", \n  \"Content\": \"CVE ID : CVE-2024-5910 \nPublished : July 10, 2024, 7:15 p.m. | 26\u00a0minutes ago \nDescription : Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.  \n  \nNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T21:49:07.000000Z"}, {"uuid": "ed477601-e4aa-4496-af2f-30b57179762b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9307", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-5910 PoC\nURL\uff1ahttps://github.com/Farzan-Kh/CVE-2024-5910\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-04T07:09:02.000000Z"}, {"uuid": "19f8d316-1f06-497e-b765-82f6e58eb4e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "https://t.me/cibsecurity/80881", "content": "\ud83e\udd85 CISA Finds Palo Alto Networks\u2019 CVE-2024-5910 Exploited in the Wild \ud83e\udd85\n\n  Overview     The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday alerted federal agencies regarding active exploitation of a critical missing authentication vulnerability in Palo Alto Networks Expedition, a tool widely used by administrators for firewall migration and configuration management.   This flaw, designated CVE20245910, has been actively exploited by attackers since its patch release in July, underscoring the urgency for immediate remediation.   Expedition is a popular migration tool designed to assist administrators in transitioning firewall configurations from vendors such as Check Point and Cisco to Palo Altos PANOS. However, due to a missing authentication mechanism, this tool now presents a significant risk for compromised credentials and potentia...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-11-08T20:01:43.000000Z"}, {"uuid": "7180b063-dd88-43e1-955a-d0cec7158791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "Telegram/cFz4y_M6xEoer0BSY5q3YiGv30fS4GkYMArEw1-2EtDKnQ", "content": "", "creation_timestamp": "2024-07-11T20:09:43.000000Z"}, {"uuid": "23317287-3e34-4e5c-9195-9ba4b4c339ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://t.me/HackingInsights/5817", "content": "\u200aCVE-2024-5910: Critical Vulnerability Threatens Palo Alto Networks\u2019 Expedition\n\nhttps://securityonline.info/cve-2024-5910-critical-vulnerability-threatens-palo-alto-networks-expedition/", "creation_timestamp": "2024-07-12T13:28:14.000000Z"}, {"uuid": "9508a2de-612e-4e74-94ab-cb6028488c09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "Telegram/eiA4EV3lx2Xj5K19_ERbsqWvZ2LELjbyg0wyACGwCEiaNQ", "content": "", "creation_timestamp": "2024-07-11T18:30:56.000000Z"}, {"uuid": "5b786c6e-f839-453c-a5fa-d2d0d033afaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/14843", "content": "The Hacker News\nPalo Alto Networks Patches Critical Flaw in Expedition Migration Tool\n\nPalo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass.\nCataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover.\n\"Missing authentication", "creation_timestamp": "2024-07-11T20:09:42.000000Z"}, {"uuid": "682eabf4-1e57-48f6-8358-d34592337e5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "Telegram/iyUqZxi-ZOHA5q31WG-CECdljikAI2NtqNSD96URfONYlw", "content": "", "creation_timestamp": "2024-11-08T10:33:06.000000Z"}, {"uuid": "3e6eb380-d1d4-42c0-ae62-340e78d7bf40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6304", "content": "\u0422\u0435\u043f\u0435\u0440\u044c \u043e \u0433\u0440\u0443\u0441\u0442\u043d\u043e\u043c, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Fortinet RCE \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e CVE-2024-23113, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u0434\u0435\u043c\u043e\u043d fgfmd \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0430 \u0441\u0442\u0440\u043e\u043a\u0443 \u0444\u043e\u0440\u043c\u0430\u0442\u0430, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u0438\u0437\u0432\u043d\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438\u043b\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u043d\u0435\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442 Fortinet, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u0435\u043c\u043e\u043d fgfmd \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430 FortiGate \u0438 FortiManager, \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044f \u0432\u0441\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043c\u0435\u0436\u0434\u0443 \u043d\u0438\u043c\u0438.\n\nCVE-2024-23113\u00a0\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 FortiOS 7.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, FortiPAM 1.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, FortiProxy 7.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 FortiWeb 7.4.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0435\u0449\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435, \u043f\u043e\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0435\u043c\u043e\u043d\u0443 fgfmd \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u0432 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043f\u0440\u0438\u0437\u0432\u0430\u043d\u043d\u043e\u0439 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Fortinet \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0438 \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0447\u0430\u0441\u0442\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2024-23113, \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0432 \u043d\u0435\u0432\u0435\u0434\u0435\u043d\u0438\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0438 \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 Palo Alto Networks, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b PAN-OS. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445:\n\n- CVE-2024-9463\u00a0(\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434)\n- CVE-2024-9464\u00a0(\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434)\n- CVE-2024-9465\u00a0(\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438)\n- CVE-2024-9466\u00a0(\u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0445\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0432\u0438\u0434\u0435 \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u0445)\n- CVE-2024-9467\u00a0(\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c XSS \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u0438 Expedition. \u0418\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c (\u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043f\u0430\u0440\u043e\u043b\u0438, \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u043a\u043b\u044e\u0447\u0438 API \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 PAN-OS), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0435 \u0443\u0442\u0435\u0447\u043a\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3.ai, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u0432\u0448\u0438\u0435 \u043e \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043e\u0448\u0438\u0431\u043a\u0430\u0445, \u0443\u0436\u0435 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043e\u0442\u0447\u0435\u0442, \u0430 Hanley - PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u044e\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0431\u0440\u043e\u0441\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 CVE-2024-5910 \u0441 CVE-2024-9464 \u0434\u043b\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Expedition.\n\n\u0412 Palo Alto Networks \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u043b\u044f \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a. \u041d\u043e \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Expedition \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u0432\u0441\u0435 \u0438\u043c\u0435\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043f\u0430\u0440\u043e\u043b\u0438 \u0438 \u043a\u043b\u044e\u0447\u0438 API, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043b\u044f \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 Expedition \u0434\u043b\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0445\u043e\u0441\u0442\u043e\u0432 \u0438\u043b\u0438 \u0441\u0435\u0442\u0435\u0439.", "creation_timestamp": "2024-10-10T13:17:11.000000Z"}, {"uuid": "185361a4-d9eb-4459-b779-28193d3b065c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "https://t.me/KomunitiSiber/2830", "content": "CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability\nhttps://thehackernews.com/2024/11/cisa-alerts-to-active-exploitation-of.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nThe vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that", "creation_timestamp": "2024-11-08T07:17:57.000000Z"}, {"uuid": "b0152067-a2c7-43f5-9ff2-b5bbf718dd30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2889", "content": "The Hacker News\nPalo Alto Networks Patches Critical Flaw in Expedition Migration Tool\n\nPalo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass.\nCataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover.\n\"Missing authentication", "creation_timestamp": "2024-07-11T20:09:42.000000Z"}, {"uuid": "94705bbd-429d-42c9-b3df-67a6d4f135ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "seen", "source": "https://t.me/KomunitiSiber/2241", "content": "Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool\nhttps://thehackernews.com/2024/07/palo-alto-networks-patches-critical.html\n\nPalo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass.\nCataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover.\n\"Missing authentication", "creation_timestamp": "2024-07-11T19:22:11.000000Z"}, {"uuid": "c56ef0a7-6446-4896-b644-7327b635f9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "Telegram/0VBmeHghnmPXCpG5kVpjQga_lAOHxnlgefDdqk8JVcn2kjU", "content": "", "creation_timestamp": "2024-11-08T16:22:45.000000Z"}, {"uuid": "3f7b9423-7c69-41e2-b694-15488388bc91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "https://t.me/true_secator/6413", "content": "\u0412 Palo Alto Networks \u0432\u0438\u0434\u0438\u043c\u043e \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0442\u0430\u0440\u044b\u043c \u0434\u043e\u0431\u0440\u044b\u043c \u00ab\u043a\u043e\u0440\u0430\u0431\u0435\u043b\u044c\u043d\u044b\u043c\u00bb \u043f\u0440\u0430\u0432\u0438\u043b\u043e\u043c \u043f\u043e \u0447\u0430\u0441\u0442\u0438 \u0432\u044b\u0431\u043e\u0440\u0430 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0438 \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u044b \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0440\u0430\u0437 \u0442\u0440\u0443\u0431\u0438\u0442\u044c \u0442\u0440\u0435\u0432\u043e\u0433\u0443, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c (\u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c) \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u043c \u044d\u043a\u0440\u0430\u043d\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f PAN-OS \u0441\u0432\u043e\u0438\u0445 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 \u0438\u0437-\u0437\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u043d\u0438\u043a\u0430\u043a\u043e\u0439 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u0435\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0442\u0435\u043c \u043f\u043e\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\nPalo Alto Networks \u0441\u0435\u0439\u0447\u0430\u0441 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043b\u044e\u0431\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u043f\u0440\u043e\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c \u0442\u043e\u0436\u0435 \u0441\u0430\u043c\u043e\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0438 \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u0434\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439.\n\n\u0418 \u0432\u0441\u0435 \u044d\u0442\u043e \u043d\u0430 \u0444\u043e\u043d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432 CISA \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Palo Alto Networks Expedition (CVE-2024-5910), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043b\u0435 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.", "creation_timestamp": "2024-11-11T12:30:17.000000Z"}, {"uuid": "649f9e32-ddba-4254-9d71-668e5cbb8ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "exploited", "source": "https://t.me/thehackernews/5853", "content": "\ud83d\udea8 CISA has added a critical #vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition to its Known Exploited Vulnerabilities catalog. \n \nThis flaw allows attackers to take over admin accounts, risking sensitive data. \n \n\ud83d\udc49 Read details: https://thehackernews.com/2024/11/cisa-alerts-to-active-exploitation-of.html", "creation_timestamp": "2024-11-08T06:59:23.000000Z"}, {"uuid": "e117c316-334d-44e7-8929-8d88bc135a65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5910", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11267", "content": "#exploit\n1. CVE-2024-5910:\nMissing Authentication Leads to Palo Alto Admin Account Takeover\nhttps://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise\n\n2. CVE-2024-9473:\nPalo Alto Global Protect LPE\nhttps://packetstormsecurity.com/files/182142\n\n3. CVE-2024-8698:\nImproper Verification of SAML Responses Leading to Privilege Escalation in Keycloak\nhttps://github.com/huydoppaz/CVE-2024-8698-POC", "creation_timestamp": "2024-10-12T06:26:23.000000Z"}]}