Palo Alto Networks has released fixes for a zero-day vulnerability affecting its GlobalProtect VPN product that is being targeted following its disclosure last week. Hotfixes for the vulnerability labeled: CVE-2024-3400, were recently published, as promised in an urgent notice about the bug on 12 April. The zero-day carries the highest severity score possible of 10.[1]
Security company Volexity, which Palo Alto credited with discovering the bug, said it “is highly likely” the attacker behind t