FYI to all you clever Palo people who disabled telemetry to mitigate CVE-2024-3400:
> In earlier versions of this advisory, disabling device telemetry was listed as a secondary mitigation action. Disabling device telemetry is no longer an effective mitigation. Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.
https://security.paloaltonetworks.com/CVE-2024-3400
Wary Jerry /
npub1vt…2e7wk
2024-04-17 16:44:47
Author Public Key
npub1vtxnjefp3k907zuva2uncpntqks8amlz2pwxlppx5tnfwvvymxzsj2e7wkPublished at
2024-04-17 16:44:47Event JSON
{
"id": "b6be8405993fe7aeb004127f672e1785633876c0cdedd6e27f7ac7e50cf068c3",
"pubkey": "62cd3965218d8aff0b8ceab93c066b05a07eefe2505c6f8426a2e6973184d985",
"created_at": 1713372287,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/jerry/statuses/112287566233574603",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/jerry/statuses/112287566233574603",
"pink.momostr"
]
],
"content": "FYI to all you clever Palo people who disabled telemetry to mitigate CVE-2024-3400:\n\n\u003e In earlier versions of this advisory, disabling device telemetry was listed as a secondary mitigation action. Disabling device telemetry is no longer an effective mitigation. Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.\n\nhttps://security.paloaltonetworks.com/CVE-2024-3400",
"sig": "0e7228bbc9d10320c3a049e4fcb3a0fce24de274cdd56218418dd487986760e67f72ead66185c79066ffc62c05590fc612fe175ff41f8df5ab8ccb2c6bc1cf11"
}