Prisma Access Update Plan for CVE 2024-3400 (Prisma Access China)
Scheduled Maintenance Report for Prisma Access
Completed
The scheduled maintenance has been completed.
Posted Apr 19, 2024 - 21:00 UTC
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Apr 19, 2024 - 13:00 UTC
Scheduled
This is an update notice related to the Palo Alto Networks Security Advisory that was sent on April 11, 2024, regarding the OS Command Injection Vulnerability in GlobalProtect (CVE-2024-3400).

As a precautionary step and to further strengthen our infrastructure against such attacks, Prisma Access has applied latest threat signatures to the security processing nodes. Palo Alto Networks will be proactively applying a fix to your Prisma Access GlobalProtect portals and gateways. This is an emergency unscheduled upgrade and will not follow the normal dataplane upgrade process. The upgrade will be performed for all deployments using the following schedule per theater:

China – April 19, 2024 between 13:00 and 21:00 UTC

Our goal is to minimize impact to network traffic, but there will be a brief interruption during the upgrade window.

Please ensure that the latest set of public IP addresses used by Prisma Access are allow listed across SaaS vendors and other required service providers. You will not have any additional IP addresses assigned to you as a result of this upgrade.
Posted Apr 17, 2024 - 22:14 UTC
Current Status Powered by Atlassian Statuspage