PAN-OS SAML authentication bypass — NSA/CISA issued emergency advisory that APT actors (SolarWinds-adjacent) exploited this in government networks. Enable certificate validation in SAML config or apply patches immediately. Audit all SAML-authenticated admin sessions.
When Security Assertion Markup Language (SAML) authentication is enabled and the Validate Identity Provider Certificate option is disabled (unchecked), security bypass in PAN-OS allows an unauthenticated network-based attacker to access protected resources.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →