The US government has warned of a serious flaw in Palo Alto Networks equipment that could allow unsophisticated and unskilled attackers to compromise devices easily. The warning was issued by the US Cyber Command, who expressed concern over foreign nation-states targeting its networks and its partners’ networks. The US Cyber Command also urged all users to patch all devices affected by the vulnerability immediately, stating that these foreign threats will attempt to exploit it soon.
The vulnerability pertains to the authentication process in PAN-OS, which is the operating system driving Palo Alto firewalls. The vulnerability, CVE-2020-2021, has a severity of 10, which is the highest possible rating. Although it is not a remote code execution vulnerability, it would potentially allow an unauthenticated attacker to access web interfaces and subsequently log into firewalls with administrator privileges. This type of attack could be particularly damaging to customers, as many are relying heavily on firewall and VPN access to work remotely.