Reports

Palo Alto Networks Vulnerability Audit – November 2024

Discover Palo Alto PAN-OS Instances Vulnerable to CVE-2024-0012 and CVE-2024-9474

Palo Alto has released security updates addressing 2 zero-day vulnerabilities in the PAN-OS software that are already under active exploitation. The vulnerabilities addressed are CVE-2024-0012 – an authentication bypass with a critical severity score of 9.3 – and CVE-2024-9474 – a privilege escalation vulnerability with a medium severity score of 6.9. As these vulnerabilities have already been exploited, it is advisable to update your systems as soon as possible. You can read more in our PAN-OS vulnerability blog post.

The report below will help you locate vulnerable devices that could be running the affected versions of PAN-OS. This way you have an actionable overview of all affected devices that you still need your intervention.

Run the Palo Alto PAN-OS Vulnerability Audit Report Now!

Palo Alto Networks PAN-OS Vulnerability Audit Lansweeper On-Prem Query

Select Top 1000000 tblAssets.AssetID,
tsysAssetTypes.AssetTypeIcon10 As Icon,
tblAssets.AssetName,
tblAssets.Description,
tblAssets.IPAddress,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysIPLocations.IPLocation,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Firstseen,
tblAssets.Lastseen
From tblAssets
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Left Outer Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblState.Statename = 'Active' and tblAssetCustom.Manufacturer LIKE '%Palo%Alto%'and 
(tblAssets.Description Like '%PA%220%Series%' or
tblAssets.Description Like '%PA%400%Series%' or
tblAssets.Description Like '%PA%800%Series%' or
tblAssets.Description Like '%PA%1400%Series%' or
tblAssets.Description Like '%PA%3200%Series%' or
tblAssets.Description Like '%PA%3400%Series%' or
tblAssets.Description Like '%PA%5200%Series%' or
tblAssets.Description Like '%PA%5400%Series%' or
tblAssets.Description Like '%PA%7000%Series%' or
tblAssets.Description Like '%VM%Series%' or
tblAssets.Description Like '%CN%Series%' or
tblAssets.Description Like '%M%200%' or
tblAssets.Description Like '%M%600%' or
tblAssets.Description Like '%M%700%' or
tblAssets.Description Like '%WF%500%' or
tblAssets.Description Like '%Panorama%Virtual%Appliance%');

Show

Hide

Ready to get started?

Explore the full platform, free for 14 days.
No credit card required.

Need help evaluating?
Get guidance on pricing at scale and enterprise requirements.
Talk to sales
Clear pricing as you grow
Transparent plans that scale with your environment.
View plans & pricing