Foreign adversaries likely to exploit critical networking bug, US says

Foreign adversaries likely to exploit critical networking bug, US says

4 years ago
Anonymous $qOHwDUKgAF

https://arstechnica.com/information-technology/2020/06/foreign-adversaries-likely-to-exploit-critical-networking-bug-us-gov-says/

Foreign hackers backed by a well-resourced government are likely to exploit a critical vulnerability in a host and VPN and firewall products sold by Palo Alto Networks, officials in the US federal government warned on Tuesday.

In worst-case scenarios, the security vendor said in a post, the flaw allows unauthorized people to log in to networks as administrators. With those privileges, attackers could install software of their choice or carry out other malicious actions that have serious consequences. The vulnerability, tracked as CVE-2020-2021, can be exploited when an authentication mechanism known as Security Assertion Markup Language is used to validate that users gave the proper permission to access a network. Attackers must also have Internet access to an affected server.

Foreign adversaries likely to exploit critical networking bug, US says

Jun 30, 2020, 9:16pm UTC
https://arstechnica.com/information-technology/2020/06/foreign-adversaries-likely-to-exploit-critical-networking-bug-us-gov-says/ > Foreign hackers backed by a well-resourced government are likely to exploit a critical vulnerability in a host and VPN and firewall products sold by Palo Alto Networks, officials in the US federal government warned on Tuesday. > In worst-case scenarios, the security vendor said in a post, the flaw allows unauthorized people to log in to networks as administrators. With those privileges, attackers could install software of their choice or carry out other malicious actions that have serious consequences. The vulnerability, tracked as CVE-2020-2021, can be exploited when an authentication mechanism known as Security Assertion Markup Language is used to validate that users gave the proper permission to access a network. Attackers must also have Internet access to an affected server.