VulnerabilityBleeping Computer
9.0 — CRITICAL
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. [...]
🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview
A zero-day vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks, allowing unauthenticated attackers to execute arbitrary code with root privileges on Internet-exposed firewalls. This vulnerability has been tracked as CVE-2026-0300 and affects PAN-OS firewalls exposed to untrusted IP addresses.
⚙️Technical Details
Affected Systems
PAN-OS User-ID Authentication PortalInternet-exposed PA-Series and VM-Series firewalls
Attack Vectors
Specially crafted packets via untrusted IP addresses or the public internet
💥Impact Assessment
Severity: critical
Who Is at Risk
Customers using PAN-OS User-ID Authentication Portal on Internet-exposed firewallsPalo Alto Networks customers with exposed VM-Series firewallsSeverity: critical
🛡️Recommended Actions
1Restrict access to trusted zones only for the User-ID Authentication Portal
2Disable the portal if it cannot be secured by restricting access
3Regularly check firewall configurations for vulnerable services
📦Affected Products
PAN-OS firewallsVM-Series firewalls
Read the full article
This is a curated summary. The complete article is available at Bleeping Computer.