What's Happening?
Palo Alto Networks has issued an advisory regarding a critical buffer overflow vulnerability in its PAN-OS software, which is currently being exploited in the wild. The vulnerability, identified as CVE-2026-0300, allows unauthenticated remote code execution and has a CVSS score of 9.3 when the User-ID Authentication Portal is accessible from untrusted networks. The flaw affects several versions of PAN-OS, including 12.1, 11.2, 11.1, and 10.2, and is particularly dangerous for PA-Series and VM-Series firewalls configured to use the User-ID Authentication Portal. Palo Alto Networks plans to release patches starting May 13, 2026, and advises users to restrict portal access to trusted networks or disable it if unnecessary.
Why It's Important?
The exploitation of this vulnerability poses significant risks to organizations using affected versions of PAN-OS, as it allows attackers to execute arbitrary code with root privileges. This could lead to unauthorized access, data breaches, and potential disruption of services. The vulnerability's high CVSS score underscores its severity, particularly for systems exposed to untrusted networks. Organizations that rely on Palo Alto Networks' firewalls for security must act swiftly to mitigate risks by following the company's recommendations. The incident highlights the critical importance of timely patch management and adherence to security best practices to protect against emerging threats.
What's Next?
Palo Alto Networks is set to release patches for the affected PAN-OS versions starting May 13, 2026. Organizations using these firewalls should prepare to implement these updates promptly to secure their systems. In the interim, users are advised to restrict access to the User-ID Authentication Portal to trusted networks or disable it if not required. Security teams should also monitor for any unusual activity that may indicate exploitation attempts. The broader cybersecurity community will likely scrutinize this incident, emphasizing the need for robust security measures and proactive vulnerability management.
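To prioritize the interim mitigation across a fleet, the sketch below triages a firewall inventory against the conditions named above. It is an added example, not vendor code: the inventory record format, the device names, and the trusted ranges are assumptions constructed for illustration, and it does not read a real PAN-OS configuration export.

```python
import ipaddress

# Release trains and platforms named in the advisory summary above.
LISTED_TRAINS = {"12.1", "11.2", "11.1", "10.2"}
LISTED_PLATFORMS = {"PA-Series", "VM-Series"}
# Assumption: the ranges this organization treats as trusted.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

# Constructed sample inventory (hypothetical format): name, platform, version,
# portal enabled, source ranges allowed to reach the portal.
INVENTORY = [
    ("fw-edge-01", "PA-Series", "11.1.4", True, ["0.0.0.0/0"]),
    ("fw-core-02", "VM-Series", "10.2.9", True, ["10.20.0.0/16"]),
    ("fw-lab-03", "PA-Series", "11.2.1", False, []),
    ("fw-dmz-04", "VM-Series", "12.1.2", True, ["10.0.0.0/8", "203.0.113.0/24"]),
    ("fw-old-05", "PA-Series", "10.1.14", True, ["0.0.0.0/0"]),
]

def release_train(version):
    """Reduce '11.1.4' to its major.minor train, '11.1'."""
    return ".".join(version.split(".")[:2])

def untrusted_sources(sources):
    """Return the source ranges not fully contained in a trusted network."""
    if not sources:  # assumption: no recorded restriction means reachable from anywhere
        return ["unrestricted"]
    exposed = []
    for src in sources:
        net = ipaddress.ip_network(src, strict=False)
        inside = any(net.version == t.version and net.subnet_of(t) for t in TRUSTED_NETS)
        if not inside:
            exposed.append(src)
    return exposed

def triage(device):
    """Return (status, exposed_ranges) for one inventory record."""
    _name, platform, version, portal_enabled, sources = device
    if platform not in LISTED_PLATFORMS or release_train(version) not in LISTED_TRAINS:
        return "not-listed", []  # outside the trains named above; verify separately
    if not portal_enabled:
        return "patch-when-available", []
    exposed = untrusted_sources(sources)
    return ("restrict-now" if exposed else "patch-when-available"), exposed

if __name__ == "__main__":
    for dev in INVENTORY:
        status, exposed = triage(dev)
        print(f"{dev[0]:<12} {status:<22} {', '.join(exposed)}")
```

Devices reported as `restrict-now` are the ones where the portal should be limited to trusted ranges or disabled before the patches arrive.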












