Byte Open Security

(ByteOS Network)

pa-5420

Source: NVD
CNA CVEs: 0
ADP CVEs: 0
CISA CVEs: 0
NVD CVEs: 3
3 vulnerabilities found

CVE-2026-0300
Assigner: Palo Alto Networks, Inc.
CVSS Score: 9.3 (CRITICAL)
EPSS: 5.06% / 90.00%
7 Day CHG: +0.52%
Published: 06 May, 2026 | 18:57
Updated: 09 Jun, 2026 | 09:02
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Known KEV | Action Due Date: 2026-05-09
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented:
- Restrict User-ID Authentication Portal access to only trusted zones.
- Disable User-ID Authentication Portal if not required.
5/13/2026: Palo Alto has released a variety of patches. If these are relevant to your environment, please apply the designate

PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

Action: Not Available
Vendor: Palo Alto Networks, Inc.; Siemens AG
Product: pa-505, pa-1420, pa-5440, vm-700, vm-500, pa-455-5g, pa-460, pa-540, pan-os, pa-5420, pa-7500, pa-7500-dpc-a, pa-450r, pa-455r-5g, pa-5570, pa-5410, pa-410r, pa-5560, vm-50, pa-1410, pa-520, pa-440, pa-455, pa-3430, pa-555-poe, pa-501, vm-300, pa-415, pa-3420, pa-5550, pa-545-poe, pa-3440, pa-5580, pa-510, pa-5450, pa-5540, pa-560, pa-415-5g, pa-445, pa-410r-5g, vm-100, pa-5445, pa-3410, pa-450, pa-5430, pa-550, pa-410, pa-450r-5g, PAN-OS, Prisma Access, Cloud NGFW, RUGGEDCOM APE1808, PAN-OS
CWE ID: CWE-787 (Out-of-bounds Write)

CVE-2024-3385
Assigner: Palo Alto Networks, Inc.
CVSS Score: 7.5 (HIGH)
EPSS: 3.09% / 87.08%
7 Day CHG: ~0.00%
Published: 10 Apr, 2024 | 17:06
Updated: 13 May, 2026 | 20:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled

A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the following hardware firewall models:
- PA-5400 Series firewalls
- PA-7000 Series firewalls

Action: Not Available
Vendor: Palo Alto Networks, Inc.
Product: pan-os, pa-7050, pa-5445, pa-7080, pa-5420, pa-5430, pa-5410, pa-5440, Prisma Access, Cloud NGFW, PAN-OS
CWE ID: CWE-20 (Improper Input Validation)
CWE ID: CWE-476 (NULL Pointer Dereference)

CVE-2024-3382
Assigner: Palo Alto Networks, Inc.
CVSS Score: 7.5 (HIGH)
EPSS: 0.44% / 63.49%
7 Day CHG: ~0.00%
Published: 10 Apr, 2024 | 17:05
Updated: 13 May, 2026 | 20:16
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets

A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.

Action: Not Available
Vendor: Palo Alto Networks, Inc.
Product: pan-os, pa-5430, pa-5440, pa-5420, pa-5445, pa-5410, Prisma Access, Cloud NGFW, PAN-OS
CWE ID: CWE-770 (Allocation of Resources Without Limits or Throttling)
CWE ID: CWE-401 (Missing Release of Memory after Effective Lifetime)