CVE-2021-43798

Researchers report surge in scans targeting Palo Alto Networks login portals

News, Research, Risk, Vendors, Vulnerabilities

October 6, 2025

GreyNoise reported a roughly 500% rise in IP addresses scanning Palo Alto Networks GlobalProtect and PAN-OS profiles, peaking at over 1,285 addresses on Oct. 3; GreyNoise classed most IPs as suspicious and also flagged separate Grafana exploitation attempts tied to CVE-2021-43798.