Techly NewsGet the app

Get the latest tech news

Working with PaloAlto to identify CVE-2024-2550


How AC3 assisted in identifying and resolving vulnerabilities in the Palo Alto product suite.

The error revealed a "nil pointer dereference" in the firewall's SSL VPN service, suggesting a backend processing issue rather than a problem with the client frontend. However, this triggered the same error when returning a response (where we expected a pre-login cookie) and every subsequent request reproduced the same “nil pointer dereference” issue, confirming that the bug was consistently repeatable. Upon reviewing the logs, providing steps to reproduce, and discussing the findings, the Palo Alto security team confirmed it was a software flaw.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of discovery

discovery

Photo of Palo Alto

Palo Alto

Photo of CVE-2024-2550

CVE-2024-2550

Related news:

News photo

Thousands of Palo Alto Networks Firewalls Compromised This Week After Critical Security Hole

News photo

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

News photo

New 3D Bioprinter Could Build Replicas of Human Organs, Offering a Boost for Drug Discovery | The invention uses light, sound and bubbles to quickly create copies of soft tissue that might one day support testing individualized therapies for cancer and other diseases

« Rakuten Plans Return to Dollar Bond Market With Hybrid Notes
Why are doctors wary of wearables? »