FeedVulnerabilityPalo Alto PAN-OS 0-Day Exploited to Execute Arbitrary Code W...
VulnerabilityCyber Security News
9.8CRITICAL

Palo Alto PAN-OS 0-Day Exploited to Execute Arbitrary Code With Root Privileges on Firewalls

📅 14 May 2026 at 11:26 UTC📰 Cyber Security NewsView original source ↗

A critical vulnerability in Palo Alto Networks PAN-OS is putting enterprise firewalls at risk, allowing unauthenticated attackers to execute arbitrary code with root privileges. Tracked as CVE-2026-0300, the flaw affects the User-ID Authentication Portal (Captive Portal) and has already seen limited real-world exploitation, particularly in environments where the service is exposed to the internet. The […] The post Palo Alto PAN-OS 0-Day Exploited to Execute Arbitrary Code With Root Privileges on Firewalls appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

A previously unknown buffer overflow vulnerability (CVE-2026-0300) in Palo Alto Networks PAN-OS software allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls, primarily through the User-ID Authentication Portal service. This critical flaw has already seen limited real-world exploitation, particularly in environments where the Captive Portal is exposed to the internet.

⚙️Technical Details
Affected Systems
Paloaltonetworks Pa-1410Paloaltonetworks Pa-1420Paloaltonetworks Pa-3410Paloaltonetworks Pa-3420Paloaltonetworks Pa-3430
Attack Vectors
NETWORK
💥Impact Assessment
Severity: CRITICAL
Who Is at Risk
Enterprise firewalls with Palo Alto Networks PAN-OS software, particularly those with the User-ID Authentication Portal service exposed to the internet
🛡️Recommended Actions
1Immediately update or patch affected systems with Palo Alto Networks PAN-OS software
2Disable or restrict access to the User-ID Authentication Portal service when not in use
3Monitor network traffic and system logs for suspicious activity related to the Captive Portal service
📦Affected Products
Paloaltonetworks Pa-1410Paloaltonetworks Pa-1420Paloaltonetworks Pa-3410Paloaltonetworks Pa-3420Paloaltonetworks Pa-3430Paloaltonetworks Pa-3440Paloaltonetworks Pa-410Paloaltonetworks Pa-410RPaloaltonetworks Pa-410R-5GPaloaltonetworks Pa-415
🔐NVD Verified DataVERIFIED
CVE-2026-0300CVSS 9.8CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-787
Affected Products (CPE)
Paloaltonetworks Pa-1410Paloaltonetworks Pa-1420Paloaltonetworks Pa-3410Paloaltonetworks Pa-3420Paloaltonetworks Pa-3430

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed