{"id":240838,"date":"2026-05-07T03:11:00","date_gmt":"2026-05-07T07:11:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/07\/u-s-cisa-adds-a-flaw-in-palo-alto-networks-pan-os-to-its-known-exploited-vulnerabilities-catalog\/"},"modified":"2026-05-07T07:20:12","modified_gmt":"2026-05-07T11:20:12","slug":"u-s-cisa-adds-a-flaw-in-palo-alto-networks-pan-os-to-its-known-exploited-vulnerabilities-catalog","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/07\/u-s-cisa-adds-a-flaw-in-palo-alto-networks-pan-os-to-its-known-exploited-vulnerabilities-catalog\/","title":{"rendered":"U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog"},"content":{"rendered":"

U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog<\/a><\/p>\n

https:\/\/securityaffairs.com\/191780\/security\/u-s-cisa-adds-a-flaw-in-palo-alto-networks-pan-os-to-its-known-exploited-vulnerabilities-catalog.html<\/a><\/p>\n

Publish Date: 2026-05-07 03:11:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ May 07, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog<\/h2>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA)\u00a0added\u00a0a flaw in the Palo Alto Networks PAN-OS, tracked as CVE-2026-0300 (CVSS score of 9.3), to its\u00a0Known Exploited Vulnerabilities (KEV) catalog.<\/p>\n

The flaw is a buffer overflow that allows unauthenticated remote code execution, especially when the User-ID portal is exposed to the internet.<\/p>\n

\u201cA buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.\u201d reads the\u00a0advisory\u00a0published by Palo Alto Networks. \u201cThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the\u00a0best practice guidelines\u00a0by restricting access to only trusted internal IP addresses.\u201d<\/p>\n

This week, Palo Alto Networks has warned that the critical PAN-OS vulnerability CVE-2026-0300 is actively exploited in the wild.<\/p>\n

Below is the list of impacted products:<\/p>\n\n\n\n\n\n\n\n\n
Versions<\/th>\nAffected<\/th>\nUnaffected<\/th>\n<\/tr>\n
Cloud NGFW<\/td>\nNone<\/td>\nAll<\/td>\n<\/tr>\n
PAN-OS 12.1<\/td>\n\n= 12.1.4-h5 (ETA: 05\/13)
= 12.1.7 (ETA: 05\/28)<\/td>\n<\/tr>\n
PAN-OS 11.2<\/td>\n\n= 11.2.4-h17 (ETA: 05\/28)
= 11.2.7-h13 (ETA: 05\/13)
= 11.2.10-h6 (ETA: 05\/13)
= 11.2.12 (ETA: 05\/28)<\/td>\n<\/tr>\n
PAN-OS 11.1<\/td>\n\n= 11.1.4-h33 (ETA: 05\/13)
= 11.1.6-h32 (ETA: 05\/13)
= 11.1.7-h6 (ETA: 05\/28)
= 11.1.10-h25 (ETA: 05\/13)
= 11.1.13-h5 (ETA: 05\/13)
= 11.1.15 (ETA: 05\/28)<\/td>\n<\/tr>\n
PAN-OS 10.2<\/td>\n\n= 10.2.7-h34 (ETA: 05\/28)
= 10.2.10-h36 (ETA: 05\/13)
= 10.2.13-h21 (ETA: 05\/28)
= 10.2.16-h7 (ETA: 05\/28)
= 10.2.18-h6 (ETA: 05\/13)<\/td>\n<\/tr>\n
Prisma Access<\/td>\nNone<\/td>\nAll<\/td>\n<\/tr>\n<\/table>\n

The…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities…<\/p>\n","protected":false},"author":1,"featured_media":240839,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2020\/07\/CISA.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-240838","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/240838"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=240838"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/240838\/revisions"}],"predecessor-version":[{"id":240840,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/240838\/revisions\/240840"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/240839"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=240838"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=240838"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=240838"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}