CVE-2024-3393

CVE Database · CVE-2024-3393

CVE-2024-3393

· HIGHAnalyzed

CVSS v3.1

7.5

CVSS v4.0

8.7

EPSS

26.64%

Published

Dec 27, 2024

Modified

Nov 4, 2025

CISA Known Exploited Vulnerability

Added: 2024-12-30 · Due: 2025-01-20

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weaknesses (CWE)

CWE-754CWE-754

Affected Products (84)

paloaltonetworks · pan-osvulnerable

paloaltonetworks · pan-os (up to 11.2.3)vulnerable

paloaltonetworks · pan-osvulnerable

paloaltonetworks · pan-os

References (2)

https://security.paloaltonetworks.com/CVE-2024-3393

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3393

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs

paloaltonetworks · pan-osvulnerable