PAN-OS SAML authentication bypass — NSA/CISA issued emergency advisory that APT actors (SolarWinds-adjacent) exploited this in government networks. Enable certificate validation in SAML config or apply patches immediately. Audit all SAML-authenticated admin sessions.
When Security Assertion Markup Language (SAML) authentication is enabled and the Validate Identity Provider Certificate option is disabled (unchecked), security bypass in PAN-OS allows an unauthenticated network-based attacker to access protected resources.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →