Unrated severityCISA KEVNVD Advisory· Published Apr 12, 2024· Updated Oct 21, 2025

PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

CVE-2024-3400

Description

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.

Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

Affected products

Paloaltonetworks/Pan Osv5
Range: 10.2.0
Palo Alto Networks/Cloud NGFWv5
Range: All
Palo Alto Networks/Prisma Accessv5
Range: All

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.paloaltonetworks.com/CVE-2024-3400mitrevendor-advisory
unit42.paloaltonetworks.com/cve-2024-3400/mitretechnical-description
www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/mitretechnical-description
www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/mitretechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.060