CISA: Nation-State Attackers Likely to Take Aim at Palo Alto Networks Bug
2020-06-30 13:48

The U.S. Cybersecurity and Infrastructure Security Agency is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication.

Palo Alto Networks on Monday posted an advisory on the vulnerability, which affects the devices' operating systems.

Palo Alto has already patched the issue in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later versions, which is why CISA is urging that affected devices be updated immediately.

Palo Alto provided details on how users of potentially affected devices can check whether their device is in the configuration that allows exploitation of the flaw.

When updating affected devices, people should make sure that the signing certificate for their SAML identity provider is configured as the "Identity Provider Certificate" before upgrading, so that users of the device can continue to authenticate successfully, according to Palo Alto.


News URL

https://threatpost.com/cisa-nation-state-attackers-palo-alto-networks-bug/157013/