VulnerabilityBleeping Computer
9.0 — CRITICAL
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. [...]
🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview
A state-sponsored threat actor exploited a critical-severity PAN-OS firewall zero-day vulnerability (CVE-2026-0300) for nearly a month, compromising over 5,400 exposed VM-series firewalls primarily in Asia and North America.
⚙️Technical Details
💥Impact Assessment
Severity: Critical
Who Is at Risk
Palo Alto Networks customers with exposed VM-series firewalls primarily in Asia and North America
🛡️Recommended Actions
1Restrict access to the PAN-OS User-ID Authentication Portal to trusted zones only
2Disable the portal if that's not possible, which mitigates the risk of this issue
3Apply security updates as soon as they are available
📦Affected Products
Product Name: Palo Alto Networks PAN-OS softwareAffected Systems: PA-Series and VM-Series firewalls
🔐NVD Verified DataVERIFIED
Weaknesses
CWE-787
Read the full article
This is a curated summary. The complete article is available at Bleeping Computer.