Known Exploited Vulnerability: CVE-2024-9474

Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability

Catalog version: 2026.07.10 Date added: 2024-11-18 Due date: 2024-12-09 CISA catalog

Vendor: Palo Alto Networks

Product: PAN-OS

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.

Known ransomware campaign use: Known

Notes: https://security.paloaltonetworks.com/CVE-2024-9474 https://nvd.nist.gov/vuln/detail/CVE-2024-9474

CWEs

cvelogic Threat Intelligence