FeedVulnerabilityPalo Alto Networks Firewall Zero-Day RCE Vulnerability Explo...
VulnerabilityCyber Security News
9.8CRITICAL

Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April

📅 7 May 2026 at 11:38 UTC📰 Cyber Security NewsView original source ↗
Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April

A critical zero-day vulnerability in Palo Alto Networks PAN-OS software has been actively exploited by a likely state-sponsored threat actor since at least April 2026, the company revealed in a security advisory published on May 6, 2026. Tracked as CVE-2026-0300, the flaw is a buffer overflow vulnerability residing in the User-ID Authentication Portal, also known […] The post Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

A state-sponsored threat actor has exploited a Palo Alto Networks PAN-OS zero-day vulnerability (CVE-2026-0300) since at least April 2026, allowing arbitrary code execution with root privileges on PA-Series and VM-Series firewalls. The vulnerability is a buffer overflow in the User-ID Authentication Portal service.

⚙️Technical Details
💥Impact Assessment
Severity: critical
🛡️Recommended Actions
1Apply the latest PAN-OS software patch (CVE-2026-0300) to all affected firewalls
2Disable User-ID Authentication Portal service until a fix is available
3Monitor firewall logs for suspicious activity and implement intrusion detection systems
📦Affected Products
Paloaltonetworks Pa-1410Paloaltonetworks Pa-1420Paloaltonetworks Pa-3410Paloaltonetworks Pa-3420Paloaltonetworks Pa-3430Paloaltonetworks Pa-3440Paloaltonetworks Pa-410Paloaltonetworks Pa-410RPaloaltonetworks Pa-410R-5GPaloaltonetworks Pa-415
🔐NVD Verified DataVERIFIED
CVE-2026-0300CVSS 9.8CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-787
Affected Products (CPE)
Paloaltonetworks Pa-1410Paloaltonetworks Pa-1420Paloaltonetworks Pa-3410Paloaltonetworks Pa-3420Paloaltonetworks Pa-3430

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed