Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

pan-os

Source -

NVDADP

CNA CVEs -

0

ADP CVEs -

7

CISA CVEs -

0

NVD CVEs -

230
Related CVEsRelated VendorsRelated AssignersReports
230Vulnerabilities found

CVE-2026-0279
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-1.3||LOW
EPSS-0.61% / 45.21%
||
7 Day CHG-0.56%
Published-09 Jul, 2026 | 19:08
Updated-13 Jul, 2026 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities

Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal (aka Captive Portal) service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payload. The security risk posed by this issue is minimized when the management interface and access to the User-ID™ Authentication Portal is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW is not affected by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-0280
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-1.7||LOW
EPSS-0.30% / 22.26%
||
7 Day CHG-0.17%
Published-09 Jul, 2026 | 19:05
Updated-13 Jul, 2026 | 12:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: IPv6 Firewall Policy Bypass

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OSPanorama
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2026-0281
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-2.1||LOW
EPSS-0.28% / 19.82%
||
7 Day CHG-0.08%
Published-09 Jul, 2026 | 19:03
Updated-13 Jul, 2026 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Information Disclosure Vulnerability in Management Web Interface

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-524
Use of Cache Containing Sensitive Information
CVE-2026-0282
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-2.7||LOW
EPSS-0.29% / 20.74%
||
7 Day CHG-0.07%
Published-09 Jul, 2026 | 19:02
Updated-13 Jul, 2026 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: File Deletion Vulnerability in Management Web Interface

A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-20
Improper Input Validation
CVE-2026-0283
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.5||MEDIUM
EPSS-0.34% / 26.02%
||
7 Day CHG-0.24%
Published-09 Jul, 2026 | 19:01
Updated-13 Jul, 2026 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)

An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-0284
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.45% / 36.22%
||
7 Day CHG-0.05%
Published-09 Jul, 2026 | 18:59
Updated-13 Jul, 2026 | 12:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)

An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2026-0285
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.42% / 33.73%
||
7 Day CHG-0.07%
Published-09 Jul, 2026 | 18:58
Updated-13 Jul, 2026 | 12:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface

A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services. The security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .  Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-0286
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6||MEDIUM
EPSS-1.40% / 69.46%
||
7 Day CHG+0.30%
Published-09 Jul, 2026 | 18:56
Updated-13 Jul, 2026 | 12:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated Command Injection in CLI

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-0287
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.59% / 44.14%
||
7 Day CHG+0.05%
Published-09 Jul, 2026 | 18:51
Updated-13 Jul, 2026 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode. Panorama is not impacted by these vulnerabilities.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-oscloud_ngfwPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2026-0273
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.1||MEDIUM
EPSS-1.37% / 68.90%
||
7 Day CHG+0.19%
Published-10 Jun, 2026 | 21:01
Updated-14 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-0272
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6||MEDIUM
EPSS-0.26% / 17.65%
||
7 Day CHG+0.01%
Published-10 Jun, 2026 | 21:01
Updated-14 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)

A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-0269
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.22% / 12.96%
||
7 Day CHG+0.03%
Published-10 Jun, 2026 | 20:54
Updated-14 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OSPanoramaRUGGEDCOM APE1808
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2026-0266
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-1.1||LOW
EPSS-0.13% / 2.92%
||
7 Day CHG-0.08%
Published-10 Jun, 2026 | 20:30
Updated-14 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-0257
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.8||HIGH
EPSS-86.68% / 99.72%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 18:15
Updated-14 Jul, 2026 | 12:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-06-01||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osprisma_accessruggedcom_ape1808ruggedcom_ape1808_firmwarePrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808PAN-OS
CWE ID-CWE-565
Reliance on Cookies without Validation and Integrity Checking
CVE-2026-0258
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.33% / 24.92%
||
7 Day CHG+0.01%
Published-13 May, 2026 | 18:08
Updated-14 Jul, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching

A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. Panorama, Cloud NGFW and Prisma® Access are not impacted by these vulnerabilities.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osruggedcom_ape1808ruggedcom_ape1808_firmwarePrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-0259
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-5||MEDIUM
EPSS-0.34% / 25.76%
||
7 Day CHG+0.06%
Published-13 May, 2026 | 18:05
Updated-14 Jul, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing. Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-oswf-500-bwf-500WildFire WF-500 and WF-500-B
CWE ID-CWE-73
External Control of File Name or Path
CVE-2026-0263
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-0.37% / 29.56%
||
7 Day CHG+0.06%
Published-13 May, 2026 | 17:47
Updated-14 Jul, 2026 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition. Panorama, Cloud NGFW, and Prisma® Access are not impacted by these vulnerabilities.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-0264
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-0.47% / 37.92%
||
7 Day CHG+0.07%
Published-13 May, 2026 | 17:40
Updated-14 Jul, 2026 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only). Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osruggedcom_ape1808ruggedcom_ape1808_firmwarePrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-0265
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-0.38% / 30.20%
||
7 Day CHG-0.06%
Published-13 May, 2026 | 17:38
Updated-14 Jul, 2026 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pan-osruggedcom_ape1808ruggedcom_ape1808_firmwarePrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2026-0300
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-9.3||CRITICAL
EPSS-32.07% / 98.12%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:57
Updated-14 Jul, 2026 | 12:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-05-09||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented: - Restrict User-ID Authentication Portal access to only trusted zones. - Disable User-ID Authentication Portal if not required. 5/13/2026: Palo Alto has released a variety of patches. If these are relevant to your environment, please apply the designate
PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

Action-Not Available
Vendor-Siemens AGPalo Alto Networks, Inc.
Product-pa-505pa-1420pa-5440vm-700vm-500pa-455-5gpa-460pa-540pan-ospa-5420pa-7500pa-7500-dpc-apa-450rpa-455r-5gpa-5570pa-5410pa-410rpa-5560vm-50pa-1410pa-520pa-440pa-455pa-3430pa-555-poepa-501vm-300pa-415pa-3420pa-5550pa-545-poepa-3440pa-5580pa-510pa-5450pa-5540pa-560pa-415-5gpa-445pa-410r-5gvm-100pa-5445pa-3410pa-450pa-5430pa-550pa-410pa-450r-5gPrisma AccessCloud NGFWPAN-OSRUGGEDCOM APE1808PAN-OS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-0227
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.67% / 48.03%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 18:45
Updated-06 Feb, 2026 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal

A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osprisma_accessCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-4615
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.74% / 50.40%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 18:28
Updated-01 Apr, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Improper Neutralization of Input in the Management Web Interface

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPrisma AccessPAN-OS
CWE ID-CWE-83
Improper Neutralization of Script in Attributes in a Web Page
CVE-2025-4614
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.22% / 13.08%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 18:13
Updated-06 Feb, 2026 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Session Token Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked.   The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPrisma AccessPAN-OS
CWE ID-CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CVE-2025-4231
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.6||HIGH
EPSS-1.03% / 59.92%
||
7 Day CHG+0.01%
Published-12 Jun, 2025 | 23:27
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-0130
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.2||HIGH
EPSS-0.36% / 28.08%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 17:37
Updated-29 May, 2026 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode. This issue does not affect Cloud NGFW or Prisma Access.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSPrisma AccessCloud NGFW
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-0124
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.33% / 25.17%
||
7 Day CHG+0.02%
Published-11 Apr, 2025 | 01:55
Updated-02 Oct, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface

An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include system files. The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue affects Cloud NGFW. However, this issue does not affect Prisma® Access software.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessPAN-OSCloud NGFW
CWE ID-CWE-73
External Control of File Name or Path
CVE-2025-0114
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.2||HIGH
EPSS-0.38% / 30.45%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 18:20
Updated-22 Oct, 2025 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Denial of Service (DoS) in GlobalProtect

A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway. This issue does not apply to Cloud NGFWs or Prisma Access software.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSCloud NGFWPrisma Access
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-0111
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.1||HIGH
EPSS-1.93% / 77.69%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 20:58
Updated-26 Feb, 2026 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-03-13||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma AccessPAN-OS
CWE ID-CWE-73
External Control of File Name or Path
CWE ID-CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CVE-2025-0108
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.8||HIGH
EPSS-98.42% / 99.91%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 20:55
Updated-26 Feb, 2026 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-03-11||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
PAN-OS: Authentication Bypass in the Management Web Interface

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma AccessPAN-OS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-3393
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-26.64% / 97.80%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 09:44
Updated-04 Nov, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-01-20||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet

A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-prisma_accesspan-osPAN-OSCloud NGFWPAN-OS
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2024-9474
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.9||MEDIUM
EPSS-94.77% / 99.85%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 15:48
Updated-04 Nov, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-12-09||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.
PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSCloud NGFWPrisma Accesspan-osPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-0012
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-9.3||CRITICAL
EPSS-99.70% / 99.95%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 15:47
Updated-04 Nov, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-12-09||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, management interface for affected devices should not be exposed to untrusted networks, including the internet.
PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSCloud NGFWPrisma AccessPAN-OS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-2550
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.51% / 40.11%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 09:40
Updated-24 Jan, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet

A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-5920
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.29% / 21.20%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 09:40
Updated-30 Apr, 2025 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator's browser.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-5917
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-2.1||LOW
EPSS-0.48% / 38.37%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 09:39
Updated-24 Jan, 2025 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Server-Side Request Forgery in WildFire

A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSCloud NGFWcloud_ngfwpan-os
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-2552
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.47% / 37.91%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 09:39
Updated-24 Jan, 2025 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-5918
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 6.79%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 09:38
Updated-01 Oct, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User

An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you "Allow Authentication with User Credentials OR Client Certificate."

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-295
Improper Certificate Validation
CVE-2024-5919
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.35% / 26.84%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 09:36
Updated-24 Jan, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability

A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2024-2551
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.48% / 38.45%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 09:36
Updated-24 Jan, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet

A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-9471
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.29% / 21.37%
||
7 Day CHG+0.01%
Published-09 Oct, 2024 | 17:06
Updated-18 Oct, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Privilege Escalation (PE) Vulnerability in XML API

A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access could use an XML API key of a "Virtual system administrator" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Accesspan-os
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-9468
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.2||HIGH
EPSS-0.41% / 33.55%
||
7 Day CHG-0.00%
Published-09 Oct, 2024 | 17:05
Updated-01 Dec, 2025 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-8691
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.32% / 24.32%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:43
Updated-01 Nov, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: User Impersonation in GlobalProtect Portal

A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-8688
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.24% / 14.34%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:40
Updated-03 Oct, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)

An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-155
Improper Neutralization of Wildcards or Matching Symbols
CVE-2024-8687
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.40% / 32.82%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:40
Updated-03 Oct, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-globalprotectprisma_accesspan-osCloud NGFWPAN-OSGlobalProtect AppPrisma Access
CWE ID-CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CVE-2024-8686
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-8.6||HIGH
EPSS-1.42% / 69.83%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:34
Updated-13 May, 2026 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Command Injection Vulnerability

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPrisma AccessCloud NGFWPAN-OS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5916
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6||MEDIUM
EPSS-0.25% / 16.16%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 16:41
Updated-30 Apr, 2025 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Cleartext Exposure of External System Secrets

An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-313
Cleartext Storage in a File or on Disk
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-5913
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.23% / 13.84%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 18:40
Updated-24 Jan, 2025 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Improper Input Validation Vulnerability in PAN-OS

An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Accesspan-os
CWE ID-CWE-20
Improper Input Validation
CVE-2024-5911
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-7||HIGH
EPSS-0.58% / 43.68%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 18:40
Updated-30 Jan, 2026 | 21:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: File Upload Vulnerability in the Panorama Web Interface

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-3400
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-10||CRITICAL
EPSS-100.00% / 100.00%
||
7 Day CHG~0.00%
Published-12 Apr, 2024 | 07:20
Updated-04 Nov, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-04-19||Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSCloud NGFWPrisma Accesspan-osPAN-OS
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-3388
Assigner-Palo Alto Networks, Inc.
ShareView Details
Assigner-Palo Alto Networks, Inc.
CVSS Score-4.1||MEDIUM
EPSS-0.35% / 27.17%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 17:06
Updated-24 Jan, 2025 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: User Impersonation in GlobalProtect SSL VPN

A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osprisma_accessCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-863
Incorrect Authorization
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next