Palo Alto Networks has disclosed a critical security flaw in PAN-OS, the operating system that runs its firewalls and enterprise VPN appliances. The vulnerability, tracked as CVE-2020-2021, received a rating of 10/10 on the CVSSv3 severity scale, which means it is easy to exploit and does not require advanced technical skills on the attackers' end. It is also remotely exploitable over the Internet, so attackers do not need a foothold in the network to exploit it. CVE-2020-2021 is an authentication bypass that allows threat actors to access the device without providing valid credentials. Once the flaw is exploited, attackers can change PAN-OS settings and features, and the bug could allow them to disable firewalls or VPN access-control policies. On Monday (June 29th), US Cyber Command warned all companies using Palo Alto Networks devices to update as soon as possible, because Advanced Persistent Threat (APT) actors would soon be attempting to exploit this vulnerability.