November 18 Advisory: Active Exploitation of Critical RCE in Palo Alto Networks PAN-OS [CVE-2024-0012 and CVE-2024-9474]
Essential information
- Published
- 18/11/2024 19:19
- Modified
- 19/11/2024 09:34
- Tags
- 2024-11-18 CVE-2024-0012 CVE-2024-9474 authentication bypass critical vulnerability pan-os privilege-escalation rce vpn
- Related entities
- 9 techniques (mitre), 4 others
Description
Two critical vulnerabilities in Palo Alto Networks PAN-OS, CVE-2024-0012 and CVE-2024-9474, have been disclosed. CVE-2024-0012 is an authentication bypass in the management web interface that lets an unauthenticated remote attacker obtain administrator privileges; CVE-2024-9474 is a privilege escalation that lets an authenticated PAN-OS administrator run commands with root privileges on the firewall. Chained, the two give an unauthenticated attacker full compromise of the device. Active exploitation of CVE-2024-0012 has been observed. Affected release branches are PAN-OS 10.2, 11.0, 11.1 and 11.2; fixed releases are available for each branch, and organizations are urged to update immediately. Censys identified 13,324 publicly exposed NGFW management interfaces, 34% of them in the US. Restrict management interface access to trusted internal IP addresses so that it is not reachable from the Internet, and upgrade every affected device to the fixed release for its branch. Note that moving to PAN-OS 10.2 by itself does not help, since the 10.2 branch is one of the affected ones; what matters is the fixed maintenance release or hotfix within the branch.
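Because the affected branches are fixed by specific maintenance releases and hotfixes rather than by a major version, a fleet check has to compare full PAN-OS version strings of the form major.minor.maintenance-hN. The following Python is an added example written for this page, not code from the advisory or from Palo Alto Networks. The fixed releases in FIXED_RELEASES (10.2.12-h2, 11.0.6-h1, 11.1.5-h1, 11.2.4-h1) are an assumption taken from the vendor advisory as published for CVE-2024-0012; they are not stated on this page, and the vendor also shipped backported hotfixes for earlier maintenance releases, which have to be added to the table or the checker will flag them for patching. The hostnames and versions in SAMPLE_INVENTORY are constructed.

```python
import re
from typing import Optional

# PAN-OS versions are written "major.minor.maintenance" with an optional
# hotfix suffix "-hN", e.g. "11.1.4-h2". A version without a suffix is h0.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos_version(text: str) -> tuple[int, int, int, int]:
    """Return (major, minor, maintenance, hotfix) so that tuples compare in release order."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognized PAN-OS version: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return (int(major), int(minor), int(maint), int(hotfix or 0))


# ASSUMPTION: the first fixed release on each affected branch, as listed in the
# vendor advisory for CVE-2024-0012. These are not stated on this page; verify them
# against the vendor advisory. Backported hotfixes for earlier maintenance releases
# must be appended to the branch's list, otherwise they are reported as vulnerable.
FIXED_RELEASES: dict[tuple[int, int], list[str]] = {
    (10, 2): ["10.2.12-h2"],
    (11, 0): ["11.0.6-h1"],
    (11, 1): ["11.1.5-h1"],
    (11, 2): ["11.2.4-h1"],
}


def is_vulnerable(version: str) -> Optional[bool]:
    """Classify one PAN-OS version against the fix table.

    True  -> on an affected branch and below every known fix for that branch
    False -> on an affected branch and carrying a fix
    None  -> branch not in the table (not covered here); needs manual review
    """
    v = parse_panos_version(version)
    fixes = [parse_panos_version(f) for f in FIXED_RELEASES.get(v[:2], [])]
    if not fixes:
        return None
    # Any maintenance release newer than the newest fixed one includes the fix.
    if v[2] > max(f[2] for f in fixes):
        return False
    # Same maintenance release as a fixed entry: the hotfix number decides,
    # so "11.2.4" (h0) is still vulnerable while "11.2.4-h1" is fixed.
    for f in fixes:
        if v[2] == f[2] and v[3] >= f[3]:
            return False
    return True


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Split a {hostname: version} inventory into patch / ok / review buckets."""
    buckets: dict[str, list[str]] = {"patch": [], "ok": [], "review": []}
    for host, version in inventory.items():
        try:
            state = is_vulnerable(version)
        except ValueError:
            state = None  # unparseable version string: review by hand
        key = "patch" if state is True else "ok" if state is False else "review"
        buckets[key].append(host)
    return buckets


# Constructed sample inventory; none of these are real devices.
SAMPLE_INVENTORY = {
    "fw-edge-01": "10.2.11",     # affected branch, no fix -> patch
    "fw-edge-02": "10.2.12-h2",  # exactly the fixed release -> ok
    "fw-dc-01": "11.1.4-h2",     # below the branch fix -> patch
    "fw-dc-02": "11.1.6",        # later maintenance release -> ok
    "fw-lab-01": "11.2.4",       # h0 is below h1 -> patch
    "fw-legacy": "10.1.14",      # branch not in the table -> review
    "fw-bogus": "unknown",       # unparseable -> review
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

The version strings come from the device's "show system info" output or from Panorama's managed-device list; a branch that is absent from the table lands in the review bucket on purpose rather than being silently reported as safe.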