CVE-2024-0012

ENISA EUVD: EUVD-2024-15815 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 9 articles Published: 2024-11-18

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.32%

probability

This CVE has a 94.32% probability of being exploited in the next 30 days.

0% Top 100.0th percentile of all CVEs 100%

CVSS v4.0 NEW

Source: VulnerabilityLookup (CIRCL)

9.3

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

Vulnerable System Confidentiality Impact

High

Vulnerable System Integrity Impact

High

Vulnerable System Availability Impact

High

Subsequent System Confidentiality Impact

Low

Subsequent System Integrity Impact

None

Subsequent System Availability Impact

None

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red

CVSS v3.1

Source: NVD

9.8

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Affected Products

Palo Alto Networks

Cloud NGFW

All

Palo Alto Networks

PAN-OS

11.2.0 11.1.0 11.0.0 10.2.0 10.1.0

Palo Alto Networks

Prisma Access

All

paloaltonetworks

pan-os

Palo Alto Networks

PAN-OS

11.2.0 <11.2.4-h1

Palo Alto Networks

Cloud NGFW

Palo Alto Networks

PAN-OS

10.2.0 <10.2.12-h2

Palo Alto Networks

Prisma Access

Palo Alto Networks

PAN-OS

Palo Alto Networks

PAN-OS

11.0.0 <11.0.6-h1

Palo Alto Networks

PAN-OS

11.1.0 <11.1.5-h1

Attack Intelligence

CWE-284 · Improper Access Control CWE-287 · Improper Authentication CWE-306 · Missing Authentication

Exploits & PoC

watchtowrlabs/palo-alto-panos-cve-2024-0012

24 2024-11-19

Sachinart/CVE-2024-0012-POC

CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC

20 2024-11-19

TalatumLabs/CVE-2024-0012_CVE-2024-9474_PoC

This PoC is targeting vulnerabilities in Palo Alto PAN-OS, specifically CVE-2024-0012 and CVE-2024-9474. This script automates the exploitation proce

8 2024-12-12

dcollaoa/cve-2024-0012-gui-poc

Python script for CVE-2024-0012 / CVE-2024-9474 exploit

4 2025-04-22

Regent8SH/PanOsExploitMultitool

Exploitation and Post-Exploitation Multitool for Palo Alto PAN-OS Systems affected by vulnerabilities CVE-2024-0012 and CVE-2024-9474

4 2026-05-16

0xjessie21/CVE-2024-0012

CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC

3 2024-12-02

iSee857/CVE-2024-0012-poc

CVE-2024-0012批量检测脚本

2 2025-04-01

greaselovely/CVE-2024-0012

PANW NGFW CVE-2024-0012

1 2024-11-22

Gr-1m/cve-2024-0012-poc

CVE-2024-0012是Palo Alto Networks PAN-OS软件中的一个身份验证绕过漏洞。该漏洞允许未经身份验证的攻击者通过网络访问管理Web界面，获取PAN-OS管理员权限，从而执行管理操作、篡改配置，或利用其他需要身份验证的特权提升漏洞（如CVE-2024-9474）

0 2024-11-22

punitdarji/Paloalto-CVE-2024-0012

0 2024-11-22

10 repos — triés par ⭐ Rechercher sur GitHub ↗

https://security.paloaltonetworks.com/CVE-2024-0012

vendor-advisory

Signal Intelligence

Confidenceⓘ

92%

EPSS 94.32%

CVSS v4.0 9.3

CVSS v3.1 9.8

Mentions 9

Last Seen Dec 13, 2025

CNA Information

CNA Assigner

palo_alto

CNA Title

PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

Analyst Note

CVE-2024-0012 is explicitly named as a zero-day exploited in attacks by authoritative sources (BleepingComputer, CERT-EU). Published November 2024 with critical CVSS scores and confirmed active exploitation prior to or simultaneous with patch availability. Strong signals from reputable security news outlets and EU CERT advisory confirming zero-day status.