A Palo Alto Networks vulnerability that allows attackers to establish unauthorized VPN access into corporate networks is being actively exploited in the wild, weeks after the company disclosed the flaw as a medium-severity issue and said it was unaware of any attacks.
However, according to Rapid7, threat actors began exploiting the bug within days of disclosure.
“Rapid7 MDR identified successful exploitation across numerous customers, however we did not observe any indication of successful lateral movement from the devices,” the firm said in its analysis. The attackers reached the network but were not seen pushing deeper in the cases Rapid7 investigated, it said.
The flaw, tracked as CVE-202...