"US Cyber Command Says Foreign Hackers Will Most Likely Exploit New PAN-OS Security Bug"
US Cyber Command is warning that foreign state-sponsored hacking groups will likely try to exploit a significant security bug disclosed today in PAN-OS. PAN-OS is the operating system running on firewalls and enterprise VPN appliances from Palo Alto Networks. The vulnerability is an authentication bypass that allows adversaries to access a device without valid credentials. Once exploited, the bug allows hackers to change PAN-OS settings and features. The bug could be used to disable firewalls or VPN access-control policies, effectively disabling the entire PAN-OS devices. The vulnerability was given a 10/10 CVSSv3 score meaning the vulnerability is both easy to exploit as it doesn't require advanced technical skills, and it's remotely exploitable via the internet, without requiring attackers to gain an initial foothold on the attacked device.