Tag

Firewalls

All articles tagged with #firewalls

PAN-OS Captive Portal zero-day enables remote code execution on exposed firewalls
technology2 months ago

PAN-OS Captive Portal zero-day enables remote code execution on exposed firewalls

Palo Alto Networks warned of a critical, unpatched vulnerability in the PAN-OS User-ID Authentication Portal (Captive Portal), CVE-2026-0300, that can be triggered by crafted packets to allow unauthenticated remote code execution with root privileges on internet-exposed PA-Series and VM-Series firewalls; exploitation has been observed as limited but ongoing, with Shadowserver counting thousands of exposed VM-series endpoints. Until a patch is released (updates expected May 13, 2026), admins are advised to restrict portal access to trusted networks or disable it, noting the issue does not affect Cloud NGFW or Panorama.

Wild PAN-OS Flaw Exposes Palo Alto Firewalls to Root Access
cyber-security-news2 months ago

Wild PAN-OS Flaw Exposes Palo Alto Firewalls to Root Access

A critical, unauthenticated buffer overflow in PAN-OS’s User-ID Authentication Portal (CVE-2026-0300) is being exploited in the wild to gain full root access on PA-Series and VM-Series firewalls. The flaw allows remote code execution with no credentials or user interaction over the network, affecting multiple PAN-OS versions (with some product exclusions). Patches are rolling out May 13–28, 2026; meanwhile, admins should restrict or disable internet-facing Authentication Portals and apply Threat Prevention signatures, and audit exposed configurations immediately.