CVE-2024-3384

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.

Published: Apr 10, 2024
Updated: May 4, 2025
CVE: CVE-2024-3384
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
paloaltonetworks / pan-os	8.1.0	8.1.24
paloaltonetworks / pan-os	9.0.0	9.0.17
paloaltonetworks / pan-os	9.1.0	9.1.15
paloaltonetworks / pan-os	10.0.0	10.0.12
paloaltonetworks / pan-os	9.1.15	9.1.15.x

https://security.paloaltonetworks.com/CVE-2024-3384

Vulnerability Database

289,697

CVE-2024-3384