Critical Vulnerability in Palo Alto Networks PAN-OS (CVE-2020-2021)

Published on 30 Jun 2020

Updated on 30 Jun 2020

Palo Alto Networks has released PAN-OS versions 9.1.3, 9.0.9, and 8.1.15 to address a critical vulnerability, CVE-2020-2021.

The vulnerability is in the Security Assertion Markup Language (SAML) authentication in PAN-OS and is caused by improper verification of signatures. Successful exploitation could allow an unauthenticated, remote attacker to obtain access to protected resources within a network. Palo Alto Networks has released a patch addressing the vulnerability. Users of affected products are advised to install the latest security update immediately.
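To find devices that still need the update, the following added example (not code from Palo Alto Networks or from this advisory) triages a "hostname,version" inventory against the three fixed releases named above. The hostnames and versions in SAMPLE are constructed, and any branch not named on this page is reported as "check-advisory" rather than guessed.

```python
import re

# Fixed releases named in the advisory above, keyed by (major, minor) branch.
FIXED = {(9, 1): (9, 1, 3), (9, 0): (9, 0, 9), (8, 1): (8, 1, 15)}

# PAN-OS release strings look like "9.0.8" or, for hotfixes, "9.0.8-h2".
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, maintenance, hotfix) as integers."""
    match = VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    return tuple(int(part or 0) for part in match.groups())


def triage(version):
    """Classify one version as 'patched', 'needs-update' or 'check-advisory'."""
    try:
        major, minor, maintenance, _hotfix = parse_version(version)
    except ValueError:
        return "check-advisory"
    fixed = FIXED.get((major, minor))
    if fixed is None:
        # Branch not named on this page: do not guess, consult the vendor advisory.
        return "check-advisory"
    # Compare numerically; as strings, "8.1.9" would sort after "8.1.15".
    # A hotfix never reaches the next maintenance release, so it is ignored.
    return "patched" if (major, minor, maintenance) >= fixed else "needs-update"


def triage_inventory(lines):
    """Map 'hostname,version' lines to {hostname: status}."""
    result = {}
    for line in lines:
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        host, _, version = line.partition(",")
        result[host.strip()] = triage(version)
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = ["fw-edge-01,9.1.3", "fw-edge-02,9.0.8-h2", "fw-dc-01,8.1.9",
          "fw-dc-02,8.1.15-h1", "fw-lab-01,10.0.0"]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE).items():
        print(f"{host}: {status}")
```

The result reflects the installed version only; whether SAML authentication is in use on a device has to be checked separately.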

More information is available here:
https://security.paloaltonetworks.com/CVE-2020-2021
https://www.tenable.com/blog/cve-2020-2021-palo-alto-networks-pan-os-vulnerable-to-critical-authentication-bypass