Skip to main content

PAN-OS CVE-2026-0273

| EUVD-2026-36149 MEDIUM
OS Command Injection (CWE-78)
2026-06-10 palo_alto GHSA-mm9g-fxg3-3875
Command Injection Paloalto
6.1
CVSS 4.0 · Vendor: palo_alto
Share

Severity by source

Vendor (palo_alto) PRIMARY
6.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
vuln.today AI
7.2 HIGH

Admin credentials required (PR:H); root OS impact on same device with no scope change; network-reachable management interface (AV:N); no complexity beyond valid auth.

3.1 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (palo_alto).

CVSS VectorVendor: palo_alto

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

3
Patch available
Jun 10, 2026 - 23:01 EUVD
Analysis Generated
Jun 10, 2026 - 22:04 vuln.today
CVE Published
Jun 10, 2026 - 21:01 cve.org
MEDIUM 6.1

DescriptionCVE.org

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.

The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).

Cloud NGFW and Prisma® Access are not affected by this vulnerability.

AnalysisAI

Command injection in Palo Alto Networks PAN-OS enables an authenticated administrator to escape system-enforced restrictions and execute arbitrary OS commands as root via the CLI or Web UI. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series); Cloud NGFW and Prisma Access are explicitly excluded per the vendor advisory. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain or compromise administrator credentials
Delivery
Reach PAN-OS CLI or Web UI management interface
Exploit
Submit crafted input containing injected OS commands
Execution
Bypass PAN-OS system restrictions
Impact
Execute arbitrary commands as root on firewall or Panorama
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Exploitation requires an active, authenticated session with PAN-OS administrator-level privileges - the CVSS PR:H metric confirms this. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is moderate and substantially constrained by the authentication prerequisite. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained valid PAN-OS administrator credentials - through phishing, password reuse, or insider access - logs into the management Web UI or SSH CLI and submits a specially crafted input containing injected OS-level command syntax. The PAN-OS command processing layer fails to sanitize the input, causing the underlying shell to execute the injected commands as root, granting full OS-level control of the firewall or Panorama appliance. …
Remediation Consult the Palo Alto Networks security advisory at https://security.paloaltonetworks.com/CVE-2026-0273 for patched version details, which are not included in currently available intelligence - a specific fixed version cannot be cited at this time. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-0272 MEDIUM
6.0 Jun 10

Privilege escalation in Palo Alto Networks PAN-OS on PA-Series and VM-Series firewalls and Panorama appliances allows an
CVE-2026-0271 MEDIUM
5.9 Jun 10

Privilege escalation in Palo Alto Networks Prisma Access Agent on Linux allows a locally authenticated low-privileged us
CVE-2026-0270 MEDIUM
4.8 Jun 10

Path traversal in Palo Alto Networks Cortex XSOAR engine on Linux enables arbitrary file write to the host system by an

CVE-2026-0269 MEDIUM
4.6 Jun 10

Memory corruption in PAN-OS tunnel traffic processing allows an authenticated, adjacent-network attacker to force the fi
CVE-2026-0267 MEDIUM
4.4 Jun 10

GlobalProtect app on macOS exposes administrator-configured passcodes - used to restrict disabling, disconnecting, or un

Share

CVE-2026-0273 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy