https://security.paloaltonetworks.com/CVE-2024-3400
This is a command injection vulnerability that enabled an unauthenticated attacker to execute code with root privileges. POC has been released publicly.
Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.
You can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways or Network > GlobalProtect > Portals).