US CYBERCOM Warning on Palo Alto Technologies OS Vulnerability; Patch Now!
On June 29, US Cyber Command issued a cybersecurity alert regarding a critical flaw affecting Palo Alto Networks PAN-OS, the operating system that runs on the company's firewalls and VPN appliances. The alert urges users to "patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use." US Cyber Command expects that foreign adversaries will likely begin to exploit the vulnerability soon.
It is regrettable, but "patching" is now a mandatory, expensive, and continuous activity. However, all patches are not equal; patch first those vulnerabilities that are being actively exploited.
William Hugh Murray
Read more in
Twitter: USCYBERCOM Cybersecurity Alert
Knowledge Base: Securing your SAML Deployments
Palo Alto Networks: CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication