CVE-2024-2550: 
PAN-OS vulnerability analysis and mitigation

A null pointer dereference vulnerability (CVE-2024-2550) was discovered in the GlobalProtect gateway component of Palo Alto Networks PAN-OS software. The vulnerability was disclosed on November 13, 2024, and affects multiple versions of PAN-OS. This security flaw enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition (Palo Advisory).

The vulnerability is classified with a CVSS v4.0 base score of 8.7 (HIGH) and is identified as a NULL Pointer Dereference (CWE-476). The attack vector is network-based (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) or user interaction (UI:N). The vulnerability primarily affects system availability (VA:H) while maintaining normal confidentiality and integrity levels (Palo Advisory).

When exploited, the vulnerability allows an attacker to trigger a denial of service condition in the GlobalProtect service. Repeated attempts to exploit this vulnerability can result in the firewall entering maintenance mode, potentially disrupting network operations and VPN services. The impact is particularly significant as it affects the availability of the system while not compromising data confidentiality or integrity (Palo Advisory).

Palo Alto Networks has released fixes in PAN-OS versions 10.2.11, 11.0.6, 11.1.5, and all later PAN-OS versions. Additional fixes are available in versions 11.1.4-h9, 10.2.10-h10, 10.2.9-h18, 10.2.8-h18, and 10.2.7-h21. No workaround or alternative mitigation is available, making it critical for affected organizations to apply the appropriate patches (Palo Advisory).