Security - PAN-OS Firewall DoS Vulnerability - Let attacker Reboot Firewall Repeateldly

 (CVE-2025-0128) is affecting multiple versions of their PAN-OS firewall software. 

affected systems:

PAN-OS 11.2 (< 11.2.3)

PAN-OS 11.1 (< 11.1.5)

PAN-OS 11.0 (< 11.0.6)

PAN-OS 10.2 (< 10.2.11)

PAN-OS 10.1 (< 10.1.14-h11)

Mitigation strategies

For PAN-OS 11.2: Upgrade to 11.2.3 or later

For PAN-OS 11.1: Upgrade to 11.1.5 or later

For PAN-OS 11.0: Upgrade to 11.0.6 or later

For PAN-OS 10.2: Upgrade to 10.2.11 or later

For PAN-OS 10.1: Upgrade to 10.1.14-h11 or later

For organizations unable to update immediately, a temporary CLI-based workaround exists. Administrators can run the following command:

> debug sslmgr set disable-scep-auth-cookie yes

All details are here indicated:

https://cybersecuritynews.com/pan-os-firewall-dos-vulnerability/

Citrix #how to push Citrix Workspace app for windows through GPO

Citrix Workspace app has possibility to be pushed through GPO, using proper scripts and ADMX/ADML templates for Group Policy Editor

All details can be found at below link:

https://www.citrix.com/downloads/workspace-app/legacy-workspace-app-for-windows-ltsr/workspace-app-for-windows-2402-LTSR-cu2.html

Consider that PDQ product is not able to push software after reboot/shutdown so, this solution, permit to override this software limit

https://documentation.pdq.com/pdqdeploy/13.0.3.0/index.html?logoff-step.htm

https://www.alessandromazzanti.com/search?q=pdq

Be aware that latter VDI Teams version have to utilize this Citrix WorkSpace setting enabled

So in cmd you need to add this value MTOPBootStrapperInstaller (to properly deploy teams plugin)

set CommandLineOptions=/Silent ALLOWADDSTORE=N /includeSSON /AutoUpdateCheck=Disabled EnableCEIP=false ADDLOCAL=ReceiverInside,ICA_Client,SSON,AM,SELFSERVICE,USB,DesktopViewer,Flash,Vd3d,Webhelper,BrowserEngine,WorkspaceHub,MTOPBootStrapperInstaller

start /wait %DeployDirectory%\CitrixWorkspaceFullInstaller.exe DONOTSTARTCC=1 %CommandLineOptions%

Security #Global protect Portal hacker on going scanning activity

Researchers have detected a scanning activity targeting Palo Alto Networks’ GlobalProtect VPN portals

During last 30 about 24,000 unique IP addresses have attempted to access these critical security gateways

Here you can find complete article:

https://cybersecuritynews.com/hackers-scanning-palo-alto-networks-portals/