Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-0261

Summary
Assigner-palo_alto
Assigner Org ID-d6c1279f-00f6-4ef7-9217-f89ffe703ec0
Published At-13 May, 2026 | 17:59
Updated At-09 Jun, 2026 | 09:02
Rejected At-
Credits

PAN-OS: Authenticated Admin Command Injection Vulnerability

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by these vulnerabilities.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:palo_alto
Assigner Org ID:d6c1279f-00f6-4ef7-9217-f89ffe703ec0
Published At:13 May, 2026 | 17:59
Updated At:09 Jun, 2026 | 09:02
Rejected At:
▼CVE Numbering Authority (CNA)
PAN-OS: Authenticated Admin Command Injection Vulnerability

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by these vulnerabilities.

Affected Products
Vendor
Palo Alto Networks, Inc.Palo Alto Networks
Product
Cloud NGFW
Default Status
unaffected
Versions
Unaffected
  • All (custom)
Vendor
Palo Alto Networks, Inc.Palo Alto Networks
Product
PAN-OS
CPEs
  • cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 12.1.0 before 12.1.7, 12.1.4-h5 (custom)
    • -> unaffectedfrom12.1.7
    • -> unaffectedfrom12.1.4-h5
  • From 11.2.0 before 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17 (custom)
    • -> unaffectedfrom11.2.12
    • -> unaffectedfrom11.2.10-h6
    • -> unaffectedfrom11.2.7-h13
    • -> unaffectedfrom11.2.4-h17
  • From 11.1.0 before 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33 (custom)
    • -> unaffectedfrom11.1.15
    • -> unaffectedfrom11.1.13-h5
    • -> unaffectedfrom11.1.10-h25
    • -> unaffectedfrom11.1.7-h6
    • -> unaffectedfrom11.1.6-h32
    • -> unaffectedfrom11.1.4-h33
  • From 10.2.0 before 10.2.18-h6, 10.2.16-h7, 10.2.13-h21, 10.2.10-h36, 10.2.7-h34 (custom)
    • -> unaffectedfrom10.2.18-h6
    • -> unaffectedfrom10.2.16-h7
    • -> unaffectedfrom10.2.13-h21
    • -> unaffectedfrom10.2.10-h36
    • -> unaffectedfrom10.2.7-h34
Vendor
Palo Alto Networks, Inc.Palo Alto Networks
Product
Prisma Access
Default Status
unaffected
Versions
Unaffected
  • All (custom)
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
4.06.1MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber
4.05.7MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber
Version: 4.0
Base score: 6.1
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber
Version: 4.0
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-88CAPEC-88 OS Command Injection
CAPEC ID: CAPEC-88
Description: CAPEC-88 OS Command Injection
Solutions

VERSION MINOR VERSION SUGGESTED SOLUTION Cloud NGFW No action needed. PAN-OS 12.1 12.1.5 through 12.1.6 Upgrade to 12.1.7 or later. 12.1.2 through 12.1.4-h* Upgrade to 12.1.4-h5 or 12.1.7 or later. PAN-OS 11.2 11.2.11 or later Upgrade to 11.2.12 or later. 11.2.8 through 11.2.10-h* Upgrade to 11.2.10-h6 or 11.2.12 or later. 11.2.5 through 11.2.7-h* Upgrade to 11.2.7-h13 or 11.2.12 or later. 11.2.0 through 11.2.4-h* Upgrade to 11.2.4-h17 or 11.2.12 or later. PAN-OS 11.1 11.1.14 or later Upgrade to 11.1.15 or later. 11.1.11 through 11.1.13-h* Upgrade to 11.1.13-h5 or 11.1.15 or later. 11.1.8 through 11.1.10-h* Upgrade to 11.1.10-h25 or 11.1.15 or later. 11.1.7 through 11.1.7-h* Upgrade to 11.1.7-h6 or 11.1.15 or later. 11.1.5 through 11.1.6-h* Upgrade to 11.1.6-h32 or 11.1.15 or later. 11.1.0 through 11.1.4-h* Upgrade to 11.1.4-h33 or 11.1.15 or later. PAN-OS 10.2 10.2.17 through 10.2.18-h* Upgrade to 10.2.18-h6 or later. 10.2.14 through 10.2.16-h* Upgrade to 10.2.16-h7 or 10.2.18-h6 or later. 10.2.11 through 10.2.13-h* Upgrade to 10.2.13-h21 or 10.2.18-h6 or later. 10.2.8 through 10.2.10-h* Upgrade to 10.2.10-h36 or 10.2.18-h6 or later. 10.2.0 through 10.2.7-h* Upgrade to 10.2.7-h34 or 10.2.18-h6 or later. All older Upgrade to a supported fixed version. unsupported PAN-OS versions Prisma Access No action needed.

Configurations

No special configuration is required to be affected by this issue.

Workarounds

The vast majority of firewalls already follow Palo Alto Networks' and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses. Review information about how to secure management access to your Palo Alto Networks firewalls: * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510017, 510018 and 510024 and can detect attacks for this vulnerability by enabling Threat IDs 510021, 510025 and 510026 (from Applications and Threats content version 9100-10044 and later). For these Threat IDs to protect against attacks for this vulnerability: * Route incoming traffic for the MGT port through a DP port (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba), e.g., enabling management profile on a DP interface for management access. * Replace the Certificate for Inbound Traffic Management (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c). * Decrypt inbound traffic to the management interface (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2) so the firewall can inspect it (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2). * Enable threat prevention on the inbound traffic to management services.

Exploits

Palo Alto Networks is not aware of any malicious exploitation of these issues.

Credits
other
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.
Timeline
EventDate
Initial publication.2026-05-13 16:00:00
Event: Initial publication.
Date: 2026-05-13 16:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.paloaltonetworks.com/CVE-2026-0261
vendor-advisory
Hyperlink: https://security.paloaltonetworks.com/CVE-2026-0261
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2.
Affected Products
Vendor
Siemens AGSiemens
Product
RUGGEDCOM APE1808
Default Status
unknown
Versions
Affected
  • From 0 before * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/html/ssa-967325.html
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-967325.html
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@paloaltonetworks.com
Published At:13 May, 2026 | 19:17
Updated At:09 Jun, 2026 | 10:16

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by these vulnerabilities.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.06.1MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
Type: Secondary
Version: 4.0
Base score: 6.1
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-78Secondarypsirt@paloaltonetworks.com
CWE ID: CWE-78
Type: Secondary
Source: psirt@paloaltonetworks.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.paloaltonetworks.com/CVE-2026-0261psirt@paloaltonetworks.com
N/A
https://cert-portal.siemens.com/productcert/html/ssa-967325.html0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
N/A
Hyperlink: https://security.paloaltonetworks.com/CVE-2026-0261
Source: psirt@paloaltonetworks.com
Resource: N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-967325.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

54Records found
CVE-2026-0273
Matching Score-10
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-10
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.1||MEDIUM
EPSS-Not Assigned
Published-10 Jun, 2026 | 21:01
Updated-11 Jun, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-Cloud NGFWPrisma AccessPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-0231
Matching Score-8
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-8
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.02% / 5.61%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 18:03
Updated-12 Mar, 2026 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.  The attacker must have network access to the Broker VM to exploit this issue.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-Cortex XDR Broker VM
CWE ID-CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CVE-2021-3050
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.8||HIGH
EPSS-4.38% / 89.21%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 17:10
Updated-16 Sep, 2024 | 22:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS Command Injection Vulnerability in Web Interface

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10; PAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions; PAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1. Prisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-3061
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.44% / 63.76%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 17:10
Updated-16 Sep, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-prisma_accesspan-osPAN-OSPrisma Access
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-27407
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.18% / 79.14%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 11:51
Updated-28 Jan, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403_firmwarescalance_lpe9403SCALANCE LPE9403
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-3060
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.1||HIGH
EPSS-47.25% / 97.76%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 17:10
Updated-16 Sep, 2024 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-prisma_accesspan-osPAN-OSPrisma Access
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-3059
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.1||HIGH
EPSS-0.76% / 73.81%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 17:10
Updated-16 Sep, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSPrisma Access
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-3058
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.8||HIGH
EPSS-0.77% / 73.92%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 17:10
Updated-16 Sep, 2024 | 22:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS Command Injection Vulnerability in Web Interface XML API

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSPrisma Access
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-40947
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.7||HIGH
EPSS-0.26% / 49.25%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 08:20
Updated-12 May, 2026 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All versions < V2.17.1), RUGGEDCOM ROX RX1524 (All versions < V2.17.1), RUGGEDCOM ROX RX1536 (All versions < V2.17.1), RUGGEDCOM ROX RX5000 (All versions < V2.17.1). Affected devices do not properly sanitize user-supplied input during the feature key installation process. This could allow an authenticated remote attacker to inject arbitrary commands, resulting in remote code execution with root privileges on the underlying operating system.

Action-Not Available
Vendor-Siemens AG
Product-RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1501RUGGEDCOM ROX MX5000RERUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1511
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-40582
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.07% / 21.30%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:39
Updated-30 May, 2025 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices do not properly sanitize configuration parameters. This could allow a non-privileged local attacker to execute root commands on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403_firmwarescalance_lpe9403SCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0127
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.1||HIGH
EPSS-0.02% / 5.95%
||
7 Day CHG~0.00%
Published-11 Apr, 2025 | 02:01
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-Prisma AccessPAN-OSCloud NGFW
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0119
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.36% / 58.70%
||
7 Day CHG~0.00%
Published-11 Apr, 2025 | 17:37
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM

A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-Cortex XDR Broker VM
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-9463
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-9.9||CRITICAL
EPSS-94.20% / 99.92%
||
7 Day CHG~0.00%
Published-09 Oct, 2024 | 17:03
Updated-04 Nov, 2025 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-12-05||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Expedition: Unauthenticated OS Command Injection Vulnerability Leads to Firewall Credential Disclosure

An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-expeditionExpeditionExpedition
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-9474
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.9||MEDIUM
EPSS-94.17% / 99.92%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 15:48
Updated-04 Nov, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-12-09||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.
PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSCloud NGFWPrisma Accesspan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-9464
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-9.3||CRITICAL
EPSS-85.31% / 99.38%
||
7 Day CHG~0.00%
Published-09 Oct, 2024 | 17:03
Updated-18 Oct, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-expeditionExpeditionexpedition
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0107
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.7||HIGH
EPSS-81.65% / 99.21%
||
7 Day CHG~0.00%
Published-11 Jan, 2025 | 03:02
Updated-23 Jan, 2026 | 21:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Expedition: OS Command Injection Vulnerability

An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-expeditionPrisma AccessPanoramaExpeditionPAN-OSCloud NGFW
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-8686
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.6||HIGH
EPSS-0.28% / 51.31%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:34
Updated-13 May, 2026 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Command Injection Vulnerability

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2038
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-86.55% / 99.44%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 16:45
Updated-16 Sep, 2024 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection vulnerability in the management web interface

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-33721
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-5.08% / 90.02%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 10:35
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with system privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinec_network_management_systemSINEC NMS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-46746
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.19% / 40.99%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 08:46
Updated-09 Jun, 2026 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The application does not properly sanitize user input in the /api/sftp/uploadFiles endpoint, allowing the injection of shell command payloads via crafted directory names. These payloads are stored and executed when directory listings are retrieved. This could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the affected service user (sinecins).

Action-Not Available
Vendor-Siemens AG
Product-SINEC INS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-47901
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-2.91% / 86.68%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 14:21
Updated-30 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The web server of affected devices does not sanitize the input parameters in specific GET requests that allow for code execution on operating system level. In combination with other vulnerabilities (CVE-2024-47902, CVE-2024-47903, CVE-2024-47904) this could allow an unauthenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-intermesh_7707_fire_subscriberintermesh_7177_hybrid_2.0_subscriberintermesh_7707_fire_subscriber_firmwareInterMesh 7707 Fire SubscriberInterMesh 7177 Hybrid 2.0 Subscriberintermesh_7177_hybrid2.0_subscriberintermesh_7707_fire_subscriber
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-46890
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-2.24% / 84.90%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:49
Updated-13 Nov, 2024 | 23:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-40176
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8||HIGH
EPSS-0.70% / 72.42%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). There exists an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise.

Action-Not Available
Vendor-Siemens AG
Product-pxg3.w200-1pxg3.w200-2_firmwaredesigo_pxm50.edesigo_pxm40.e_firmwaredesigo_pxm50.e_firmwaredesigo_pxm40-1_firmwaredesigo_pxm30.edesigo_pxm40-1pxg3.w100-2_firmwaredesigo_pxm50-1_firmwaredesigo_pxm30-1desigo_pxm30.e_firmwaredesigo_pxm50-1pxg3.w100-1desigo_pxm40.epxg3.w100-1_firmwarepxg3.w200-1_firmwaredesigo_pxm30-1_firmwarepxg3.w100-2pxg3.w200-2Desigo PXM50-1PXG3.W100-1Desigo PXM40-1Desigo PXM50.EPXG3.W100-2Desigo PXM40.EDesigo PXM30.EPXG3.W200-1Desigo PXM30-1PXG3.W200-2
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41788
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.66% / 71.41%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41790
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.55% / 68.33%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41789
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.55% / 68.33%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-31891
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-4.58% / 89.45%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.

Action-Not Available
Vendor-Debian GNU/LinuxSiemens AG
Product-operation_schedulerdebian_linuxdesigo_ccsiveillance_control_prosiveillance_controlgma-managerSiveillance Control ProOperation SchedulerGMA-ManagerSiveillance ControlDesigo CC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-0110
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.6||HIGH
EPSS-0.11% / 28.87%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 21:04
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin

A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the “__openconfig” user (which has the Device Administrator role) on the firewall. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-PAN-OS OpenConfig Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-1980
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.8||HIGH
EPSS-0.27% / 50.70%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 18:58
Updated-16 Sep, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands

A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2037
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-0.99% / 77.33%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 16:45
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection vulnerability in the management web interface

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2034
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.1||HIGH
EPSS-77.77% / 99.02%
||
7 Day CHG~0.00%
Published-08 Jul, 2020 | 16:35
Updated-16 Sep, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection vulnerability in GlobalProtect portal

An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2029
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-1.13% / 78.76%
||
7 Day CHG~0.00%
Published-10 Jun, 2020 | 17:28
Updated-16 Sep, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection vulnerability in management interface certificate generator

An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions of PAN-OS 8.0; PAN-OS 7.1 versions earlier than PAN-OS 7.1.26; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2007
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-3.67% / 88.16%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 19:07
Updated-17 Sep, 2024 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection in management server

An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. This issue affects: All PAN-OS 7.1 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2028
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-0.52% / 67.28%
||
7 Day CHG~0.00%
Published-10 Jun, 2020 | 17:28
Updated-16 Sep, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification

An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2008
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-2.99% / 86.85%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 19:07
Updated-16 Sep, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection or arbitrary file deletion vulnerability

An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-73
External Control of File Name or Path
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2014
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.8||HIGH
EPSS-4.91% / 89.83%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 19:07
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS injection vulnerability in PAN-OS management server

An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2000
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-1.71% / 82.76%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 00:05
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection and memory corruption vulnerability

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2030
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-2.74% / 86.29%
||
7 Day CHG~0.00%
Published-08 Jul, 2020 | 16:35
Updated-17 Sep, 2024 | 02:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS command injection vulnerability in the management interface

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2010
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-3.23% / 87.36%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 19:07
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated user command injection vulnerability

An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-4230
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.4||HIGH
EPSS-0.23% / 45.75%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 23:30
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-Cloud NGFWPAN-OSPrisma Access
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-23812
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8||HIGH
EPSS-0.71% / 72.65%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 09:00
Updated-04 Oct, 2024 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application incorrectly neutralizes special elements when creating a report which could lead to command injection.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMSsinec_nms
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-40949
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.9||HIGH
EPSS-0.23% / 45.65%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 08:20
Updated-13 May, 2026 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All versions < V2.17.1), RUGGEDCOM ROX RX1524 (All versions < V2.17.1), RUGGEDCOM ROX RX1536 (All versions < V2.17.1), RUGGEDCOM ROX RX5000 (All versions < V2.17.1). Affected devices do not properly sanitize user-supplied input in the Scheduler functionality of the Web UI, allowing commands to be injected into the task scheduling backend. This could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system.

Action-Not Available
Vendor-Siemens AG
Product-RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1501RUGGEDCOM ROX MX5000RERUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1511
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1581
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.69% / 86.18%
||
7 Day CHG~0.00%
Published-23 Aug, 2019 | 17:06
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface

A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27393
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-3.11% / 87.12%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-27398
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-2.1||LOW
EPSS-0.20% / 41.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-27392
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-2.62% / 85.99%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-25 Aug, 2025 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-27394
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-2.62% / 85.99%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new SNMP users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-26389
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-1.11% / 78.50%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-06 Oct, 2025 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in OZW672 (All versions < V8.0), OZW772 (All versions < V8.0). The web service in affected devices does not sanitize the input parameters required for the `exportDiagramPage` endpoint. This could allow an unauthenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-ozw772ozw672ozw672_firmwareozw772_firmwareOZW772OZW672
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-6792
Matching Score-6
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-6
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.20% / 41.99%
||
7 Day CHG~0.00%
Published-13 Dec, 2023 | 18:16
Updated-08 Oct, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: OS Command Injection Vulnerability in the XML API

An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-51385
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-17.23% / 95.17%
||
7 Day CHG~0.00%
Published-18 Dec, 2023 | 00:00
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

Action-Not Available
Vendor-n/aDebian GNU/LinuxSiemens AGOpenBSD
Product-opensshdebian_linuxn/aSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • Next
Details not found