A critical security vulnerability has been identified for Palo Alto Networks devices.
On Monday, 29 June 2020, Palo Alto released details on CVE-2020-2021, a new critical weakness in SAML authentication on PAN-OS devices. Impacts of this vulnerability:
PAN-OS version 9.1 earlier than PAN-OS version 9.1.3.
PAN-OS version 9.0 earlier than PAN-OS version 9.0.9.
Versions of PAN-OS 8.1 earlier than PAN-OS 8.1.15
All versions of the PAN-OS 8.0 (EOL) version
However, PAN-OS 7.1 is not affected.
There is no known proof-of - concept exploits available from this post.