CVE-2024-2552: 
PAN-OS vulnerability analysis and mitigation

CVE-2024-2552 is a command injection vulnerability discovered in Palo Alto Networks PAN-OS software that was disclosed on November 13, 2024. The vulnerability affects multiple versions of PAN-OS, including versions 10.2.x, 11.0.x, 11.1.x, and 11.2.x. This security flaw enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall (Palo Security).

The vulnerability has been assigned a CVSS v4.0 base score of 4.3 (MEDIUM) and a CVSS v3.1 base score of 6.0 (MEDIUM). It is classified as CWE-22, which refers to 'Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)'. The vulnerability requires high privileges and local access for exploitation, with no user interaction needed. The technical impact assessment shows high integrity and availability impact, while confidentiality impact is rated as none (Palo Security).

The vulnerability's primary impact is on system integrity and availability, as it allows authenticated administrators to delete files on the firewall by bypassing system restrictions. This could potentially affect the normal operation and stability of the firewall system. The vulnerability has high integrity and availability impacts, though there is no direct impact on system confidentiality (Palo Security).

Palo Alto Networks has released fixes in PAN-OS versions 10.2.12, 11.0.6, 11.1.5, 11.2.4, and all later versions. Additional fixes are available in versions 11.1.4-h9, 10.2.11-h9, 10.2.10-h10, 10.2.9-h18, 10.2.8-h18, and 10.2.7-h21. The vendor strongly recommends ensuring access to the management interface is configured correctly according to their best practice deployment guidelines, particularly limiting management interface access to trusted internal IPs only (Palo Security).