Security News > 2020 > June > CISA: Nation-State Attackers Likely to Take Aim at Palo Alto Networks Bug
The U.S. Cybersecurity and Infrastructure Security Agency is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication.
Palo Alto Networks on Monday posted an advisory on the vulnerability, which affects the devices' operating systems.
Palo Alto already has patched the issue in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later versions, which is why CISA is urging immediate update to affected devices.
Palo Alto provided details for how users of potentially affected devices can check if their device is in the configuration that allows for exploitation of the flaw.
When updating affected devices, people should ensure that the signing certificate for their SAML identity provider is configured as the "Identity Provider Certificate" before upgrading, to ensure that users of the device can continue to authenticate successfully, according to Palo Alto.
News URL
https://threatpost.com/cisa-nation-state-attackers-palo-alto-networks-bug/157013/
Related news
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- CISA warns of more Palo Alto Networks bugs exploited in attacks (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)