US Cyber Command has warned users to urgently patch a major new vulnerability in PAN-OS, Palo Alto Networks’ operating system for its firewalls and enterprise Virtual Private Network (VPN) appliances. The new vulnerability has the highest possible CVSS score of 10.
The bug gives an attacker the ability to fully bypass a firewall and gain unauthenticated admin access to vulnerable devices: about as bad as it gets, particularly from a security vendor.
“Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use. Foreign APTs will