This maximum-severity security flaw (CVE-2024-3400) affects PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with device telemetry and GlobalProtect (gateway or portal) enabled.
The vulnerability, which carries a perfect 10 base severity score, is tracked as CVE-2024-24576. It affects the Rust standard library, which was found to be improperly escaping arguments when invoking batch files on Windows using the Command API.
The vulnerability affects various versions of FortiOS, and the recommended solution includes upgrading to specific versions or migrating to a fixed release to address the flaw.
The vulnerability, tracked as CVE-2024-23917, affects all versions of TeamCity On-Premises from 2017.1 through 2023.11.2 and can lead to remote code execution attacks without requiring user interaction.
The flaw affects several versions of GitLab, and patches have already been released. The servers at risk are mainly located in the United States, Germany, Russia, China, France, the U.K., India, and Canada.
The vulnerability affects various GPU products, with AMD and Apple planning mitigations, and Imagination and Qualcomm issuing fixes. Nvidia and Arm are reportedly unaffected.
One of the vulnerabilities, known as “Reptar,” affects Intel CPUs and could lead to system instability or privilege escalation. The other vulnerability, CVE-2023-46835, could allow malicious code in a guest VM to compromise an AMD-based host.
The vulnerability, which affects CER version 12.5(1)SU4, could be exploited to execute arbitrary commands as the root user. Admins are urged to update their vulnerable installations promptly, as there are no temporary workarounds available.