This alert has been written for the IT teams of organisations and government.

Background / What has happened?

UPDATE 03/05/2024 - Palo Alto is aware of proof-of-concept by third parties of post exploit persistence techniques that survive resets and upgrades. Palo Alto is not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of vulnerability. The Threat Prevention signatures completely prevent the initial remote command execution, stopping subsequent post-exploitation or persistence.

To Read More -> https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/os-command-injection-vulnerability-in-globalprotect-gateway