Palo Alto Networks has issued an alert about a serious security flaw in its PAN-OS software. This vulnerability, labeled CVE-2026-0300, allows hackers to remotely execute code without authentication. The threat level is quite high, with a CVSS score of 9.3 when the User-ID Authentication Portal is accessible from the internet. If it’s only reachable by trusted internal networks, the score drops to 8.7.
The company explained that attackers can exploit this flaw by sending specially crafted packets. This can grant them root access on their PA-Series and VM-Series firewalls. Palo Alto noted that instances of this vulnerability have been “limited,” especially where the User-ID Authentication Portal is publicly accessible.
Which versions are at risk? Here are the affected PAN-OS versions:
- PAN-OS 12.1: Versions < 12.1.4-h5, < 12.1.7
- PAN-OS 11.2: Versions < 11.2.4-h17, < 11.2.7-h13, < 11.2.10-h6, < 11.2.12
- PAN-OS 11.1: Versions < 11.1.4-h33, < 11.1.6-h32, < 11.1.7-h6, < 11.1.10-h25, < 11.1.13-h5, < 11.1.15
- PAN-OS 10.2: Versions < 10.2.7-h34, < 10.2.10-h36, < 10.2.13-h21, < 10.2.16-h7, < 10.2.18-h6
No patch is available yet, but Palo Alto plans to release fixes starting May 13, 2026. Until then, users should either restrict access to the User-ID Authentication Portal or disable it if not needed. According to Palo Alto, following security best practices, like keeping sensitive portals within trusted networks, minimizes risks significantly.
To put this in perspective, similar vulnerabilities in the past have led to major breaches. For instance, the 2017 Equifax breach, stemming from a known vulnerability, exposed the data of about 147 million people. This highlights the importance of regular updates and monitoring in cybersecurity.
Notably, a recent survey revealed that only about 30% of organizations regularly check for software vulnerabilities, leaving many open to attacks. Hence, taking immediate steps now could prevent future incidents.
In today’s interconnected world, maintaining robust network security is essential. As cyber threats evolve, staying informed and proactive is key to safeguarding sensitive data.
