
Critical Vulnerability in Palo Alto PAN-OS (CVE-2026-0300)

CVE number: CVE-2026-0300

Palo Alto has published a security advisory addressing a critical vulnerability affecting PAN-OS. This vulnerability allows an unauthenticated attacker to execute arbitrary code with root privileges.

Palo Alto has observed limited exploitation of this vulnerability. It is strongly recommended to update affected appliances as soon as patches are available, and to apply workarounds and mitigations in the meantime.

An unauthenticated attacker could execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.

This issue applies only to PA-Series and VM-Series firewalls that are configured to use the User-ID Authentication Portal.

The following PAN-OS versions are affected:

  • Versions prior to 12.1.4-h5
  • Versions prior to 12.1.7
  • Versions prior to 11.2.4-h17
  • Versions prior to 11.2.7-h13
  • Versions prior to 11.2.10-h6
  • Versions prior to 11.2.12
  • Versions prior to 11.1.4-h33
  • Versions prior to 11.1.6-h32
  • Versions prior to 11.1.7-h6
  • Versions prior to 11.1.10-h25
  • Versions prior to 11.1.13-h5
  • Versions prior to 11.1.15
  • Versions prior to 10.2.7-h34
  • Versions prior to 10.2.10-h36
  • Versions prior to 10.2.13-h21
  • Versions prior to 10.2.16-h7
  • Versions prior to 10.2.18-h6

Additional information is available in the vendor’s advisory.

Further details – https://security.paloaltonetworks.com/CVE-2026-0300
