Paloalto
Monthly
Privilege escalation in Palo Alto Networks Prisma® Browser on macOS enables a locally authenticated administrator with access to the local filesystem to perform actions at root privilege level. The vulnerability is scoped exclusively to macOS deployments of Prisma Browser - no other platforms or Palo Alto products are implicated per the advisory. No public exploit identified at time of analysis; the CVSS 4.0 base score of 2.0 reflects the substantial exploitation prerequisites that materially constrain real-world risk despite the full-system impact potential at root level.
Denial of service conditions in Palo Alto Networks PAN-OS allow unauthenticated network attackers to crash firewall dataplane processes by sending specially crafted traffic to or through a dataplane interface. Repeated exploitation escalates the impact: the firewall is forced into maintenance mode, effectively taking the security appliance offline and disrupting all traffic enforcement. No public exploit code has been identified at time of analysis, and Panorama management infrastructure is explicitly confirmed unaffected.
Command injection in the Palo Alto Networks PAN-OS management plane allows an authenticated administrator to execute arbitrary OS commands with root privileges on PA-Series, VM-Series, and Panorama appliances. The vulnerability is classified CWE-78 and is reachable via the network-accessible management interface, though the requirement for administrator-level credentials substantially constrains the attacker pool. No public exploit code has been identified at time of analysis, and no active exploitation has been confirmed by CISA KEV.
Server-side request forgery in Palo Alto Networks PAN-OS allows an authenticated administrator with access to the management web interface to weaponize the firewall as an unauthorized network relay, making requests to internal services on behalf of the attacker. Exploitation is constrained by the requirement for high-privilege administrator credentials (PR:H) and network reachability to the management interface, substantially limiting the realistic attacker population. No public exploit code or active exploitation has been identified; the vendor's own CVSS 4.0 supplemental metrics rate exploitation status as Unreported (E:U) and urgency as Amber.
Privilege escalation in Palo Alto Networks Cortex XDR Broker VM permits locally authenticated users to perform operations as the root user within the appliance. The vulnerability is constrained to the Broker VM itself - the CVSS 4.0 vector (SC:N/SI:N/SA:N) confirms no scope change to subsequent or adjacent systems, limiting the blast radius to the VM appliance. No public exploit exists (E:U) and no CISA KEV listing is present; the vendor-assigned CVSS 4.0 score of 1.1 reflects this low-urgency posture.
XML injection in Palo Alto Networks PAN-OS Large Scale VPN (LSVPN) exposes unauthenticated remote attackers a path to inject malicious XML content into the LSVPN data pipeline, resulting in information disclosure or corruption of internal satellite configuration data. Only PAN-OS devices with LSVPN actively configured are affected; the vendor explicitly confirms Panorama, Cloud NGFW, and Prisma Access are not in scope. No public exploit has been identified at time of analysis, and the CVSS 4.0 supplemental E:U metric signals exploitation as currently unlikely, though the zero-authentication, network-accessible attack surface demands prompt attention from operators running LSVPN hub deployments.
Authentication bypass in the Large Scale VPN (LSVPN) feature of Palo Alto Networks PAN-OS enables unauthenticated network-adjacent attackers to establish unauthorized site-to-site VPN connections without valid credentials. The root cause is CWE-306 (Missing Authentication for Critical Function), where the LSVPN peer negotiation process fails to enforce authentication before allowing VPN tunnel establishment. While the CVSS 4.0 base score is 4.5, the subsequent-system confidentiality impact is rated High (SC:H), reflecting that a successful bypass grants the attacker routing-level access into networks protected by the VPN - a materially greater risk than the headline score suggests. No public exploit code exists and no active exploitation has been confirmed (CISA KEV not listed, E:U).
Unauthenticated file deletion in Palo Alto Networks PAN-OS allows network-reachable attackers to delete files from a temporary directory via the management web interface, affecting PA-Series and VM-Series firewalls and Panorama appliances. Real-world risk is substantially bounded by the vendor's documented best-practice guidance to restrict management interface access to trusted internal IP addresses, which eliminates external attack surface. No public exploit code has been identified, CISA KEV listing is absent, and the vendor-provided CVSS 4.0 score of 2.7 with an E:U supplemental metric reflects no known active exploitation.
Web session token theft from PAN-OS management interfaces affects PA-Series and VM-Series firewalls and Panorama deployments, enabling a network-adjacent unauthenticated attacker to hijack authenticated administrator sessions. Exploitation depends on a legitimate management user clicking an attacker-crafted malicious link while an active session exists - a social engineering prerequisite that substantially reduces real-world risk. No public exploit code exists (CVSS 4.0 E:U) and the issue is not listed in CISA KEV; the vendor rates overall CVSS 4.0 severity at 2.1, reflecting these mitigating factors.
Security policy bypass in Palo Alto Networks PAN-OS exposes protected services behind the firewall to traffic that should be blocked, exploitable by unauthenticated remote attackers via crafted IPv6 packets targeting the dataplane. The CVSS 4.0 score of 1.7 reflects that direct impact on the firewall itself is nil (VC:N/VI:N/VA:N), with only low-severity downstream effect on subsequent systems (SC:L/SI:L), and specific attack conditions must be present (AT:P). No public exploit code exists and no active exploitation has been reported (E:U), though the automatable flag (AU:Y) indicates the attack could in principle be scripted once conditions are met.
Multiple stored and reflected cross-site scripting vulnerabilities in PAN-OS expose the User-ID Authentication Portal (Captive Portal), GlobalProtect gateway/portal, and Clientless VPN web interfaces to unauthenticated attackers who can inject and execute arbitrary JavaScript in victim browsers. Affected deployments span PA-Series and VM-Series firewalls and Panorama management platforms; Cloud NGFW is explicitly not affected. No public exploit code exists (CVSS 4.0 E:U), and the vendor states risk is substantially reduced - potentially minimized - when portal and management access is restricted to trusted internal IP ranges per Palo Alto's recommended hardening guidelines.
Memory corruption in the User-ID Terminal Server Agent (TSA) of Palo Alto Networks PAN-OS lets an unauthenticated network attacker crash the service (DoS) or potentially execute arbitrary code by sending crafted traffic to the TSA listener. Multiple out-of-bounds write bugs are involved; the vendor's CVSS 4.0 vector flags the exploit as unproven (E:U), and no public exploit has been identified at time of analysis. Panorama is explicitly not affected, and exposure hinges on whether the optional TSA component is deployed and reachable.
Command injection in Palo Alto Networks PAN-OS enables an authenticated administrator to escape system-enforced restrictions and execute arbitrary OS commands as root via the CLI or Web UI. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series); Cloud NGFW and Prisma Access are explicitly excluded per the vendor advisory. No public exploit has been identified at time of analysis, and the CVSS 4.0 score of 6.1 accurately reflects the significant mitigating factor of requiring high-privilege administrative access before exploitation is possible.
Privilege escalation in Palo Alto Networks PAN-OS on PA-Series and VM-Series firewalls and Panorama appliances allows an authenticated CLI administrator to perform operations at the root OS level, bypassing intended privilege boundaries through a missing authorization control (CWE-862). The risk is substantially gated by the requirement for existing administrative CLI access (CVSS PR:H), making insider threats and compromised admin credentials the primary real-world attack paths. No public exploits or confirmed active exploitation have been identified at time of analysis, and the vendor's own E:U supplemental metric reinforces the low exploitation urgency - though root-level OS access to a firewall represents a severe impact if the prerequisite is met.
Privilege escalation in Palo Alto Networks Prisma Access Agent on Linux allows a locally authenticated low-privileged user to execute arbitrary code with elevated privileges, achieving full confidentiality, integrity, and availability compromise of the affected system. The vulnerability is rooted in CWE-732 (Incorrect Permission Assignment for Critical Resource) and is strictly scoped to Linux deployments - the Windows, macOS, iOS, Android, and ChromeOS agent variants are confirmed unaffected by the vendor. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metric E:U (Exploitation Unlikely) further tempers immediate mass-exploitation risk, though the complete local system impact warrants timely patching for multi-user Linux environments.
Path traversal in Palo Alto Networks Cortex XSOAR engine on Linux enables arbitrary file write to the host system by an unauthenticated adjacent-network attacker who can intercept and manipulate outbound network response traffic via MITM. The referenced NVD entry for CVE-2007-4559 - the canonical Python tarfile path traversal - strongly suggests XSOAR's content pack or update download pipeline uses Python's tarfile module without path sanitization, allowing a poisoned archive to escape the extraction directory. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metrics classify exploitation as unreported (E:U), though the attack is rated automatable (AU:Y) once MITM positioning is achieved.
Memory corruption in PAN-OS tunnel traffic processing allows an authenticated, adjacent-network attacker to force the firewall into unplanned reboots or maintenance mode via a crafted packet, constituting a denial-of-service against the firewall itself. The CVSS 4.0 vector (AV:A/PR:L/VA:H) confirms the impact is purely availability - no confidentiality or integrity loss - and exploitation requires both authenticated access and adjacency to the tunnel interface. No public exploit code exists and no active exploitation has been reported; the vendor-assigned threat metric (E:U) reinforces that real-world risk is presently low.
GlobalProtect app on macOS exposes administrator-configured passcodes - used to restrict disabling, disconnecting, or uninstalling the endpoint agent - to unprivileged local users. A local user who reads the exposed passcode can then bypass endpoint protection controls that are specifically designed to prevent such actions, effectively disabling Palo Alto's endpoint security enforcement on the affected machine. No public exploit exists at time of analysis, and CVSS 4.0 supplemental metrics classify exploitation likelihood as 'Unreported' (E:U), though the impact on security posture is significant given that the passcode mechanism is the primary access control preventing users from circumventing GlobalProtect.
Stored cross-site scripting in Palo Alto Networks PAN-OS allows a malicious authenticated administrator to persist a JavaScript payload via the web management interface, enabling potential execution of that script in the browsers of other administrative users who view the affected interface element. Affected platforms include PA-Series and VM-Series physical and virtual firewalls as well as Panorama (both virtual appliances and M-Series hardware). The CVSS 4.0 base score of 1.1 reflects the extremely constrained exploitability: high-privilege access is a prerequisite and passive user interaction by a second victim is required. No public exploit identified at time of analysis.
Denial of service in Palo Alto Networks Prisma SD-WAN ION devices allows an unauthenticated attacker with adjacent network access to crash or disrupt the device by sending a specially crafted IPv6 packet. The vulnerability (CWE-606) exists across three active release branches of the ION software, with fixed versions available from Palo Alto Networks. No public exploit code exists and no active exploitation has been identified at time of analysis, with EPSS at 0.03% and SSVC confirming exploitation status as none.
Improper certificate validation in Palo Alto Networks Prisma SD-WAN ION allows an adjacent-network attacker positioned as a man-in-the-middle to impersonate the SD-WAN controller, achieving high confidentiality, integrity, and availability impact against the vulnerable device. Affected versions span three active release trains (6.3.x, 6.4.x, and 6.5.x), with fixed builds now available from Palo Alto Networks. No public exploit identified at time of analysis, and EPSS sits at 0.00%, but SSVC rates technical impact as total given the controller-impersonation capability.
Local privilege escalation in Palo Alto Networks Prisma Access Agent (all versions prior to 26.2.1) allows any locally authenticated non-administrative user to elevate to root on macOS and Linux, or NT AUTHORITY\SYSTEM on Windows, by exploiting a flawed privilege management mechanism. Successful exploitation grants full control of the affected endpoint, enabling arbitrary code execution and unauthorized access to data restricted to privileged accounts. No public exploit exists and the vulnerability is absent from CISA KEV; however, SSVC rates technical impact as total, making patching a meaningful priority for multi-user and enterprise endpoint environments.
Improper certificate validation in Palo Alto Networks GlobalProtect App exposes macOS and Android users to adversary-in-the-middle attacks from locally adjacent network positions, enabling traffic interception and malicious software installation. The flaw allows an unauthenticated attacker on the same subnet - or a local non-administrative OS user - to redirect encrypted VPN communications to a rogue server by bypassing TLS certificate checks. No public exploit has been identified at time of analysis, EPSS is effectively zero, and CISA SSVC rates exploitation as none, though the high confidentiality and integrity impact on the vulnerable component warrants prompt patching on affected platforms.
Buffer overflow in Palo Alto Networks GlobalProtect App (versions 6.0 through 6.3) allows an adjacent-network attacker positioned as a man-in-the-middle to corrupt memory during Portal/Gateway message processing, potentially executing arbitrary code with SYSTEM privileges on affected endpoints. Affected platforms include Windows (including the UWP variant), macOS, and other non-iOS clients; iOS is explicitly excluded by the vendor. No public exploit identified at time of analysis - EPSS stands at 0.01% and SSVC confirms no current exploitation - however the SSVC technical impact rating of 'total' and potential for full SYSTEM-level compromise justify prioritized patching for endpoints connecting from untrusted networks.
Content injection in Palo Alto Networks Broker VM 30.0 (versions prior to 30.0.24) allows an authenticated administrator with local access to inject arbitrary content into certain administrative fields within the appliance. The vulnerability carries a CVSS 4.0 score of 1.1, reflecting its highly constrained exploitation prerequisites: local access, low-privilege authentication, and limited integrity impact with no confidentiality or availability consequences. No public exploit identified at time of analysis, and SSVC assessment confirms no observed exploitation, making this a low-urgency finding for most organizations.
Local privilege escalation vulnerabilities in Palo Alto Networks GlobalProtect App on Windows, macOS, and Linux allow a low-privileged local user to elevate to NT AUTHORITY\SYSTEM (Windows) or root (macOS/Linux), enabling full OS-level command execution. The root cause is CWE-426 (Untrusted Search Path), where the application resolves executables or libraries from attacker-controllable locations. No public exploit has been identified and CISA SSVC confirms exploitation status as none; however, SSVC rates technical impact as total, reflecting the complete privilege gain achievable upon successful exploitation.
Stored cross-site scripting in Palo Alto Networks PAN-OS® web interface allows a malicious authenticated administrator to inject persistent JavaScript payloads that execute in the browsers of other users who view the affected pages. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series) running PAN-OS 10.2.x, 11.1.x, 11.2.x, and 12.1.x branches. No active exploitation is confirmed - EPSS stands at 0.04% (13th percentile), SSVC exploitation status is 'none', and no public exploit code has been identified at time of analysis. Vendor-released patches are available for all affected branches.
Authentication bypass in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS allows remote attackers to establish unauthorized VPN connections without valid credentials. The flaw is confirmed actively exploited (CISA KEV) and publicly available exploit code exists, though EPSS remains low at 0.05%, suggesting targeted rather than mass exploitation. Panorama and Cloud NGFW deployments are not affected, but PAN-OS firewalls and Prisma Access tenants running vulnerable trains are exposed.
Policy bypass in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to circumvent access and data control policies via a race condition, potentially exposing restricted data with high confidentiality impact to the vulnerable system. Affected versions span all releases prior to 146.16.6.165, per EUVD-2026-30087 and vendor advisory. No active exploitation is confirmed - the vulnerability is absent from CISA KEV, EPSS sits at 0.01% (3rd percentile), and SSVC assessment categorizes exploitation status as none - indicating this is a low-urgency but architecturally meaningful trust boundary weakness in an enterprise browser control product.
Server-side request forgery in the IKEv2 implementation of Palo Alto Networks PAN-OS allows unauthenticated remote attackers to coerce the firewall into issuing outbound network requests to arbitrary destinations or to trigger a denial-of-service condition. Affected are PAN-OS 10.2, 11.1, 11.2, and 12.1 branch trains; Panorama, Cloud NGFW, and Prisma Access are explicitly confirmed unaffected. No public exploit code has been identified and SSVC assessment confirms no current exploitation, though a vendor-released patch is available across all impacted branches.
Authenticated file read and delete in Palo Alto Networks WildFire WF-500 and WF-500-B on-premise sandboxing appliances exposes sensitive system information and permits arbitrary file deletion by low-privileged network users. The root cause is CWE-73 (External Control of File Name or Path), where user-supplied input is insufficiently validated before being used to construct file system paths. Exploitation is constrained to appliances running in the default non-FIPS configuration mode; organizations relying solely on the WildFire Public cloud service are not impacted. No public exploit has been identified at time of analysis, consistent with EPSS at 0.05% (16th percentile) and SSVC exploitation status of 'none'.
Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS allow an authenticated administrator to escape system restrictions and execute arbitrary commands with root-level privileges on affected firewalls and Panorama management platforms. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series appliances) across PAN-OS versions 10.2, 11.1, 11.2, and 12.1. An attacker who already holds administrative credentials and can reach the CLI or Web UI can leverage these flaws to fully compromise the underlying OS. No public exploit code exists and no KEV listing is present at time of analysis, consistent with the very low EPSS score of 0.08% (24th percentile).
Local code injection in Palo Alto Networks Prisma Browser on macOS lets an authenticated non-admin user abuse an exposed AppleScript/Apple Event handler to send unauthorized commands to the browser, with high impact on confidentiality and integrity. No public exploit identified at time of analysis, and EPSS is very low (0.02%), but SSVC rates the technical impact as total once the local foothold exists. Affects all Prisma Browser releases prior to 146.16.6.165 on macOS.
Multiple denial-of-service conditions in Palo Alto Networks PAN-OS allow unauthenticated remote attackers to crash or degrade firewall availability by sending specially crafted network traffic, with a high availability impact (VA:H) on the vulnerable system. Affected deployments span PAN-OS 10.2, 11.1, 11.2, and 12.1 branches as well as Prisma Access; vendor explicitly states Panorama and Cloud NGFW are not impacted, though Cloud NGFW appears in CPE strings - a discrepancy worth verifying. No public exploit identified at time of analysis, EPSS is very low (0.05%, 16th percentile), and SSVC classifies exploitation as none with non-automatable attack patterns, collectively suggesting a patch-cycle priority rather than an emergency response.
Local privilege escalation in Palo Alto Networks Prisma Browser on macOS allows a locally authenticated non-admin user to access an internal automation bridge that was insufficiently restricted, enabling unauthorized commands to be sent to the browser and bypassing built-in security controls. The flaw is tracked as CVE-2026-0237 with a CVSS 4.0 score of 7.3 and no public exploit identified at time of analysis, though SSVC rates the technical impact as total.
Remote code execution and denial-of-service in Palo Alto Networks PAN-OS software stems from a buffer overflow in the IKEv2 processing path, allowing unauthenticated network attackers to either crash the firewall or run arbitrary code with elevated privileges. The flaw affects multiple PAN-OS branches (11.1.x, 11.2.x, and 12.1.x) while Panorama, Cloud NGFW, and Prisma Access remain unaffected. There is no public exploit identified at time of analysis, EPSS sits at a low 0.06% (19th percentile), and CISA SSVC currently lists exploitation as 'none'.
Heap-based buffer overflow in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS allows unauthenticated remote attackers to trigger a denial-of-service condition across all PAN-OS platforms (except Cloud NGFW and Prisma Access) and potentially achieve arbitrary code execution on PA-Series hardware appliances via specially crafted network traffic. The flaw is rated CVSS 7.2 with high attack complexity; no public exploit identified at time of analysis and EPSS is 0.07%, but the technical impact is rated total by SSVC.
Authentication bypass in Palo Alto Networks PAN-OS allows unauthenticated network attackers to circumvent authentication controls when the Cloud Authentication Service (CAS) feature is enabled, with the highest risk when CAS is bound to the management interface. The flaw affects PA-Series and VM-Series firewalls as well as Panorama (virtual and M-Series); Cloud NGFW and Prisma Access are not impacted. No public exploit identified at time of analysis, and EPSS rates real-world exploitation probability low at 0.08%, but the high-value target profile and CWE-347 (Improper Verification of Cryptographic Signature) class - combined with the 'Jwt Attack' tag - warrant prompt patching.
Remote code execution in Palo Alto Networks PAN-OS User-ID Authentication Portal (Captive Portal) allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls via specially crafted packets. CISA KEV confirms active exploitation in the wild with publicly available exploit code. EPSS risk assessment is not provided, but the vulnerability achieves maximum impact with minimal attack complexity (CVSS 9.3, AV:N/AC:L/PR:N), making this a critical priority for immediate remediation. The attack surface is significantly reduced when access to the portal is restricted to trusted internal networks per vendor best practices.
Cortex XDR agent on Windows versions 7.9-CE through 9.0 allows authenticated local administrators to disable the agent through a protection mechanism bypass, enabling malware to operate undetected. The vulnerability requires high privileges and local access, but creates a critical detection evasion vector when exploited by administratively compromised systems or insider threats. No public exploit code or active exploitation has been reported at time of analysis.
Remote code execution in Palo Alto Networks Autonomous Digital Experience Manager on Windows via certificate validation bypass allows unauthenticated attackers with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges. CVSS score is 2.0 but reflects a physical adjacency attack vector (AV:P); real-world risk depends on network topology and whether the manager is exposed on trusted adjacent networks. No public exploit code or active exploitation has been confirmed at time of analysis.
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection.
A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet.
An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.
Unauthenticated remote attackers can crash Palo Alto Networks PAN-OS firewalls through repeated requests, forcing the devices into maintenance mode and causing denial of service. This vulnerability affects Palo Alto firewalls and Prisma Access deployments with no available patch, creating ongoing operational risk. The attack requires no authentication or user interaction and can be exploited over the network.
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new “Data Security Accounts“. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available.
An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available.
A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper input neutralization in Palo Alto Networks PAN-OS management web interface allows authenticated high-privilege administrators to bypass system restrictions and execute arbitrary commands through command injection. The vulnerability affects PAN-OS across multiple versions (specific version ranges not independently confirmed from provided data), with a low EPSS exploitation probability (0.06%, 17th percentile) and no confirmed active exploitation or public proof-of-concept. Risk is significantly reduced when CLI access is restricted to a limited administrator group; Cloud NGFW and Prisma Access are unaffected.
An information exposure vulnerability in the Palo Alto Networks User-ID Credential Agent (Windows-based) can expose the service account password under specific non-default configurations. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.
A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key (CAK). Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.
A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious. Rated medium severity (CVSS 4.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
CVE-2025-0141 is a security vulnerability (CVSS 8.4) that allows a locally authenticated non administrative user. High severity vulnerability requiring prompt remediation.
CVE-2025-0140 is a security vulnerability (CVSS 6.8) that allows a locally authenticated non administrative user. Remediation should follow standard vulnerability management procedures.
CVE-2025-0139 is a security vulnerability (CVSS 6.3) that allows a locally authenticated low privileged user. Remediation should follow standard vulnerability management procedures.
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW and Prisma® Access are not affected by this vulnerability.
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel. An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating conditions, the GlobalProtect app automatically recovers from this interception within one minute.
CVE-2025-4232 is an improper neutralization of wildcards vulnerability in Palo Alto Networks GlobalProtect app for macOS that allows non-administrative users to escalate privileges to root through the log collection feature. With a CVSS score of 8.8 and requiring only low complexity remote network access with low privileges, this vulnerability presents a critical privilege escalation risk. The attack requires user interaction only at the network level (not UI) and affects the confidentiality, integrity, and availability of affected systems.
Command injection vulnerability in Palo Alto Networks PAN-OS that allows an authenticated administrative user to execute arbitrary commands with root privileges. The vulnerability requires network access to the management web interface and successful authentication, making it a post-authentication remote code execution flaw. While the CVSS score of 7.2 is moderately high, the requirement for administrative credentials significantly limits its practical exploitability in most environments.
Command injection vulnerability in Palo Alto Networks PAN-OS that allows authenticated administrators with CLI access to bypass system restrictions and execute arbitrary commands with root privileges. The vulnerability affects on-premises PAN-OS deployments with CVSS 8.4, but risk is significantly reduced in environments where CLI access is restricted to a limited administrative group. Cloud NGFW and Prisma Access are not affected.
CVE-2025-4228 is a security vulnerability (CVSS 4.6) that allows an authenticated administrative user. Remediation should follow standard vulnerability management procedures.
CVE-2025-4233 is a security vulnerability (CVSS 5.1) that allows users. Remediation should follow standard vulnerability management procedures.
Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.
A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature. Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity. No vendor patch available.
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system. Rated medium severity (CVSS 6.3), this vulnerability is low attack complexity. No vendor patch available.
A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Privilege escalation in Palo Alto Networks Prisma® Browser on macOS enables a locally authenticated administrator with access to the local filesystem to perform actions at root privilege level. The vulnerability is scoped exclusively to macOS deployments of Prisma Browser - no other platforms or Palo Alto products are implicated per the advisory. No public exploit identified at time of analysis; the CVSS 4.0 base score of 2.0 reflects the substantial exploitation prerequisites that materially constrain real-world risk despite the full-system impact potential at root level.
Denial of service conditions in Palo Alto Networks PAN-OS allow unauthenticated network attackers to crash firewall dataplane processes by sending specially crafted traffic to or through a dataplane interface. Repeated exploitation escalates the impact: the firewall is forced into maintenance mode, effectively taking the security appliance offline and disrupting all traffic enforcement. No public exploit code has been identified at time of analysis, and Panorama management infrastructure is explicitly confirmed unaffected.
Command injection in the Palo Alto Networks PAN-OS management plane allows an authenticated administrator to execute arbitrary OS commands with root privileges on PA-Series, VM-Series, and Panorama appliances. The vulnerability is classified CWE-78 and is reachable via the network-accessible management interface, though the requirement for administrator-level credentials substantially constrains the attacker pool. No public exploit code has been identified at time of analysis, and no active exploitation has been confirmed by CISA KEV.
Server-side request forgery in Palo Alto Networks PAN-OS allows an authenticated administrator with access to the management web interface to weaponize the firewall as an unauthorized network relay, making requests to internal services on behalf of the attacker. Exploitation is constrained by the requirement for high-privilege administrator credentials (PR:H) and network reachability to the management interface, substantially limiting the realistic attacker population. No public exploit code or active exploitation has been identified; the vendor's own CVSS 4.0 supplemental metrics rate exploitation status as Unreported (E:U) and urgency as Amber.
Privilege escalation in Palo Alto Networks Cortex XDR Broker VM permits locally authenticated users to perform operations as the root user within the appliance. The vulnerability is constrained to the Broker VM itself - the CVSS 4.0 vector (SC:N/SI:N/SA:N) confirms no scope change to subsequent or adjacent systems, limiting the blast radius to the VM appliance. No public exploit exists (E:U) and no CISA KEV listing is present; the vendor-assigned CVSS 4.0 score of 1.1 reflects this low-urgency posture.
XML injection in Palo Alto Networks PAN-OS Large Scale VPN (LSVPN) exposes unauthenticated remote attackers a path to inject malicious XML content into the LSVPN data pipeline, resulting in information disclosure or corruption of internal satellite configuration data. Only PAN-OS devices with LSVPN actively configured are affected; the vendor explicitly confirms Panorama, Cloud NGFW, and Prisma Access are not in scope. No public exploit has been identified at time of analysis, and the CVSS 4.0 supplemental E:U metric signals exploitation as currently unlikely, though the zero-authentication, network-accessible attack surface demands prompt attention from operators running LSVPN hub deployments.
Authentication bypass in the Large Scale VPN (LSVPN) feature of Palo Alto Networks PAN-OS enables unauthenticated network-adjacent attackers to establish unauthorized site-to-site VPN connections without valid credentials. The root cause is CWE-306 (Missing Authentication for Critical Function), where the LSVPN peer negotiation process fails to enforce authentication before allowing VPN tunnel establishment. While the CVSS 4.0 base score is 4.5, the subsequent-system confidentiality impact is rated High (SC:H), reflecting that a successful bypass grants the attacker routing-level access into networks protected by the VPN - a materially greater risk than the headline score suggests. No public exploit code exists and no active exploitation has been confirmed (CISA KEV not listed, E:U).
Unauthenticated file deletion in Palo Alto Networks PAN-OS allows network-reachable attackers to delete files from a temporary directory via the management web interface, affecting PA-Series and VM-Series firewalls and Panorama appliances. Real-world risk is substantially bounded by the vendor's documented best-practice guidance to restrict management interface access to trusted internal IP addresses, which eliminates external attack surface. No public exploit code has been identified, CISA KEV listing is absent, and the vendor-provided CVSS 4.0 score of 2.7 with an E:U supplemental metric reflects no known active exploitation.
Web session token theft from PAN-OS management interfaces affects PA-Series and VM-Series firewalls and Panorama deployments, enabling a network-adjacent unauthenticated attacker to hijack authenticated administrator sessions. Exploitation depends on a legitimate management user clicking an attacker-crafted malicious link while an active session exists - a social engineering prerequisite that substantially reduces real-world risk. No public exploit code exists (CVSS 4.0 E:U) and the issue is not listed in CISA KEV; the vendor rates overall CVSS 4.0 severity at 2.1, reflecting these mitigating factors.
Security policy bypass in Palo Alto Networks PAN-OS exposes protected services behind the firewall to traffic that should be blocked, exploitable by unauthenticated remote attackers via crafted IPv6 packets targeting the dataplane. The CVSS 4.0 score of 1.7 reflects that direct impact on the firewall itself is nil (VC:N/VI:N/VA:N), with only low-severity downstream effect on subsequent systems (SC:L/SI:L), and specific attack conditions must be present (AT:P). No public exploit code exists and no active exploitation has been reported (E:U), though the automatable flag (AU:Y) indicates the attack could in principle be scripted once conditions are met.
Multiple stored and reflected cross-site scripting vulnerabilities in PAN-OS expose the User-ID Authentication Portal (Captive Portal), GlobalProtect gateway/portal, and Clientless VPN web interfaces to unauthenticated attackers who can inject and execute arbitrary JavaScript in victim browsers. Affected deployments span PA-Series and VM-Series firewalls and Panorama management platforms; Cloud NGFW is explicitly not affected. No public exploit code exists (CVSS 4.0 E:U), and the vendor states risk is substantially reduced - potentially minimized - when portal and management access is restricted to trusted internal IP ranges per Palo Alto's recommended hardening guidelines.
Memory corruption in the User-ID Terminal Server Agent (TSA) of Palo Alto Networks PAN-OS lets an unauthenticated network attacker crash the service (DoS) or potentially execute arbitrary code by sending crafted traffic to the TSA listener. Multiple out-of-bounds write bugs are involved; the vendor's CVSS 4.0 vector flags the exploit as unproven (E:U), and no public exploit has been identified at time of analysis. Panorama is explicitly not affected, and exposure hinges on whether the optional TSA component is deployed and reachable.
Command injection in Palo Alto Networks PAN-OS enables an authenticated administrator to escape system-enforced restrictions and execute arbitrary OS commands as root via the CLI or Web UI. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series); Cloud NGFW and Prisma Access are explicitly excluded per the vendor advisory. No public exploit has been identified at time of analysis, and the CVSS 4.0 score of 6.1 accurately reflects the significant mitigating factor of requiring high-privilege administrative access before exploitation is possible.
Privilege escalation in Palo Alto Networks PAN-OS on PA-Series and VM-Series firewalls and Panorama appliances allows an authenticated CLI administrator to perform operations at the root OS level, bypassing intended privilege boundaries through a missing authorization control (CWE-862). The risk is substantially gated by the requirement for existing administrative CLI access (CVSS PR:H), making insider threats and compromised admin credentials the primary real-world attack paths. No public exploits or confirmed active exploitation have been identified at time of analysis, and the vendor's own E:U supplemental metric reinforces the low exploitation urgency - though root-level OS access to a firewall represents a severe impact if the prerequisite is met.
Privilege escalation in Palo Alto Networks Prisma Access Agent on Linux allows a locally authenticated low-privileged user to execute arbitrary code with elevated privileges, achieving full confidentiality, integrity, and availability compromise of the affected system. The vulnerability is rooted in CWE-732 (Incorrect Permission Assignment for Critical Resource) and is strictly scoped to Linux deployments - the Windows, macOS, iOS, Android, and ChromeOS agent variants are confirmed unaffected by the vendor. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metric E:U (Exploitation Unlikely) further tempers immediate mass-exploitation risk, though the complete local system impact warrants timely patching for multi-user Linux environments.
Path traversal in Palo Alto Networks Cortex XSOAR engine on Linux enables arbitrary file write to the host system by an unauthenticated adjacent-network attacker who can intercept and manipulate outbound network response traffic via MITM. The referenced NVD entry for CVE-2007-4559 - the canonical Python tarfile path traversal - strongly suggests XSOAR's content pack or update download pipeline uses Python's tarfile module without path sanitization, allowing a poisoned archive to escape the extraction directory. No public exploit code has been identified at time of analysis, and the CVSS 4.0 supplemental metrics classify exploitation as unreported (E:U), though the attack is rated automatable (AU:Y) once MITM positioning is achieved.
Memory corruption in PAN-OS tunnel traffic processing allows an authenticated, adjacent-network attacker to force the firewall into unplanned reboots or maintenance mode via a crafted packet, constituting a denial-of-service against the firewall itself. The CVSS 4.0 vector (AV:A/PR:L/VA:H) confirms the impact is purely availability - no confidentiality or integrity loss - and exploitation requires both authenticated access and adjacency to the tunnel interface. No public exploit code exists and no active exploitation has been reported; the vendor-assigned threat metric (E:U) reinforces that real-world risk is presently low.
GlobalProtect app on macOS exposes administrator-configured passcodes - used to restrict disabling, disconnecting, or uninstalling the endpoint agent - to unprivileged local users. A local user who reads the exposed passcode can then bypass endpoint protection controls that are specifically designed to prevent such actions, effectively disabling Palo Alto's endpoint security enforcement on the affected machine. No public exploit exists at time of analysis, and CVSS 4.0 supplemental metrics classify exploitation likelihood as 'Unreported' (E:U), though the impact on security posture is significant given that the passcode mechanism is the primary access control preventing users from circumventing GlobalProtect.
Stored cross-site scripting in Palo Alto Networks PAN-OS allows a malicious authenticated administrator to persist a JavaScript payload via the web management interface, enabling potential execution of that script in the browsers of other administrative users who view the affected interface element. Affected platforms include PA-Series and VM-Series physical and virtual firewalls as well as Panorama (both virtual appliances and M-Series hardware). The CVSS 4.0 base score of 1.1 reflects the extremely constrained exploitability: high-privilege access is a prerequisite and passive user interaction by a second victim is required. No public exploit identified at time of analysis.
Denial of service in Palo Alto Networks Prisma SD-WAN ION devices allows an unauthenticated attacker with adjacent network access to crash or disrupt the device by sending a specially crafted IPv6 packet. The vulnerability (CWE-606) exists across three active release branches of the ION software, with fixed versions available from Palo Alto Networks. No public exploit code exists and no active exploitation has been identified at time of analysis, with EPSS at 0.03% and SSVC confirming exploitation status as none.
Improper certificate validation in Palo Alto Networks Prisma SD-WAN ION allows an adjacent-network attacker positioned as a man-in-the-middle to impersonate the SD-WAN controller, achieving high confidentiality, integrity, and availability impact against the vulnerable device. Affected versions span three active release trains (6.3.x, 6.4.x, and 6.5.x), with fixed builds now available from Palo Alto Networks. No public exploit identified at time of analysis, and EPSS sits at 0.00%, but SSVC rates technical impact as total given the controller-impersonation capability.
Local privilege escalation in Palo Alto Networks Prisma Access Agent (all versions prior to 26.2.1) allows any locally authenticated non-administrative user to elevate to root on macOS and Linux, or NT AUTHORITY\SYSTEM on Windows, by exploiting a flawed privilege management mechanism. Successful exploitation grants full control of the affected endpoint, enabling arbitrary code execution and unauthorized access to data restricted to privileged accounts. No public exploit exists and the vulnerability is absent from CISA KEV; however, SSVC rates technical impact as total, making patching a meaningful priority for multi-user and enterprise endpoint environments.
Improper certificate validation in Palo Alto Networks GlobalProtect App exposes macOS and Android users to adversary-in-the-middle attacks from locally adjacent network positions, enabling traffic interception and malicious software installation. The flaw allows an unauthenticated attacker on the same subnet - or a local non-administrative OS user - to redirect encrypted VPN communications to a rogue server by bypassing TLS certificate checks. No public exploit has been identified at time of analysis, EPSS is effectively zero, and CISA SSVC rates exploitation as none, though the high confidentiality and integrity impact on the vulnerable component warrants prompt patching on affected platforms.
Buffer overflow in Palo Alto Networks GlobalProtect App (versions 6.0 through 6.3) allows an adjacent-network attacker positioned as a man-in-the-middle to corrupt memory during Portal/Gateway message processing, potentially executing arbitrary code with SYSTEM privileges on affected endpoints. Affected platforms include Windows (including the UWP variant), macOS, and other non-iOS clients; iOS is explicitly excluded by the vendor. No public exploit identified at time of analysis - EPSS stands at 0.01% and SSVC confirms no current exploitation - however the SSVC technical impact rating of 'total' and potential for full SYSTEM-level compromise justify prioritized patching for endpoints connecting from untrusted networks.
Content injection in Palo Alto Networks Broker VM 30.0 (versions prior to 30.0.24) allows an authenticated administrator with local access to inject arbitrary content into certain administrative fields within the appliance. The vulnerability carries a CVSS 4.0 score of 1.1, reflecting its highly constrained exploitation prerequisites: local access, low-privilege authentication, and limited integrity impact with no confidentiality or availability consequences. No public exploit identified at time of analysis, and SSVC assessment confirms no observed exploitation, making this a low-urgency finding for most organizations.
Local privilege escalation vulnerabilities in Palo Alto Networks GlobalProtect App on Windows, macOS, and Linux allow a low-privileged local user to elevate to NT AUTHORITY\SYSTEM (Windows) or root (macOS/Linux), enabling full OS-level command execution. The root cause is CWE-426 (Untrusted Search Path), where the application resolves executables or libraries from attacker-controllable locations. No public exploit has been identified and CISA SSVC confirms exploitation status as none; however, SSVC rates technical impact as total, reflecting the complete privilege gain achievable upon successful exploitation.
Stored cross-site scripting in Palo Alto Networks PAN-OS® web interface allows a malicious authenticated administrator to inject persistent JavaScript payloads that execute in the browsers of other users who view the affected pages. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series) running PAN-OS 10.2.x, 11.1.x, 11.2.x, and 12.1.x branches. No active exploitation is confirmed - EPSS stands at 0.04% (13th percentile), SSVC exploitation status is 'none', and no public exploit code has been identified at time of analysis. Vendor-released patches are available for all affected branches.
Authentication bypass in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS allows remote attackers to establish unauthorized VPN connections without valid credentials. The flaw is confirmed actively exploited (CISA KEV) and publicly available exploit code exists, though EPSS remains low at 0.05%, suggesting targeted rather than mass exploitation. Panorama and Cloud NGFW deployments are not affected, but PAN-OS firewalls and Prisma Access tenants running vulnerable trains are exposed.
Policy bypass in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to circumvent access and data control policies via a race condition, potentially exposing restricted data with high confidentiality impact to the vulnerable system. Affected versions span all releases prior to 146.16.6.165, per EUVD-2026-30087 and vendor advisory. No active exploitation is confirmed - the vulnerability is absent from CISA KEV, EPSS sits at 0.01% (3rd percentile), and SSVC assessment categorizes exploitation status as none - indicating this is a low-urgency but architecturally meaningful trust boundary weakness in an enterprise browser control product.
Server-side request forgery in the IKEv2 implementation of Palo Alto Networks PAN-OS allows unauthenticated remote attackers to coerce the firewall into issuing outbound network requests to arbitrary destinations or to trigger a denial-of-service condition. Affected are PAN-OS 10.2, 11.1, 11.2, and 12.1 branch trains; Panorama, Cloud NGFW, and Prisma Access are explicitly confirmed unaffected. No public exploit code has been identified and SSVC assessment confirms no current exploitation, though a vendor-released patch is available across all impacted branches.
Authenticated file read and delete in Palo Alto Networks WildFire WF-500 and WF-500-B on-premise sandboxing appliances exposes sensitive system information and permits arbitrary file deletion by low-privileged network users. The root cause is CWE-73 (External Control of File Name or Path), where user-supplied input is insufficiently validated before being used to construct file system paths. Exploitation is constrained to appliances running in the default non-FIPS configuration mode; organizations relying solely on the WildFire Public cloud service are not impacted. No public exploit has been identified at time of analysis, consistent with EPSS at 0.05% (16th percentile) and SSVC exploitation status of 'none'.
Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS allow an authenticated administrator to escape system restrictions and execute arbitrary commands with root-level privileges on affected firewalls and Panorama management platforms. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series appliances) across PAN-OS versions 10.2, 11.1, 11.2, and 12.1. An attacker who already holds administrative credentials and can reach the CLI or Web UI can leverage these flaws to fully compromise the underlying OS. No public exploit code exists and no KEV listing is present at time of analysis, consistent with the very low EPSS score of 0.08% (24th percentile).
Local code injection in Palo Alto Networks Prisma Browser on macOS lets an authenticated non-admin user abuse an exposed AppleScript/Apple Event handler to send unauthorized commands to the browser, with high impact on confidentiality and integrity. No public exploit identified at time of analysis, and EPSS is very low (0.02%), but SSVC rates the technical impact as total once the local foothold exists. Affects all Prisma Browser releases prior to 146.16.6.165 on macOS.
Multiple denial-of-service conditions in Palo Alto Networks PAN-OS allow unauthenticated remote attackers to crash or degrade firewall availability by sending specially crafted network traffic, with a high availability impact (VA:H) on the vulnerable system. Affected deployments span PAN-OS 10.2, 11.1, 11.2, and 12.1 branches as well as Prisma Access; vendor explicitly states Panorama and Cloud NGFW are not impacted, though Cloud NGFW appears in CPE strings - a discrepancy worth verifying. No public exploit identified at time of analysis, EPSS is very low (0.05%, 16th percentile), and SSVC classifies exploitation as none with non-automatable attack patterns, collectively suggesting a patch-cycle priority rather than an emergency response.
Local privilege escalation in Palo Alto Networks Prisma Browser on macOS allows a locally authenticated non-admin user to access an internal automation bridge that was insufficiently restricted, enabling unauthorized commands to be sent to the browser and bypassing built-in security controls. The flaw is tracked as CVE-2026-0237 with a CVSS 4.0 score of 7.3 and no public exploit identified at time of analysis, though SSVC rates the technical impact as total.
Remote code execution and denial-of-service in Palo Alto Networks PAN-OS software stems from a buffer overflow in the IKEv2 processing path, allowing unauthenticated network attackers to either crash the firewall or run arbitrary code with elevated privileges. The flaw affects multiple PAN-OS branches (11.1.x, 11.2.x, and 12.1.x) while Panorama, Cloud NGFW, and Prisma Access remain unaffected. There is no public exploit identified at time of analysis, EPSS sits at a low 0.06% (19th percentile), and CISA SSVC currently lists exploitation as 'none'.
Heap-based buffer overflow in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS allows unauthenticated remote attackers to trigger a denial-of-service condition across all PAN-OS platforms (except Cloud NGFW and Prisma Access) and potentially achieve arbitrary code execution on PA-Series hardware appliances via specially crafted network traffic. The flaw is rated CVSS 7.2 with high attack complexity; no public exploit identified at time of analysis and EPSS is 0.07%, but the technical impact is rated total by SSVC.
Authentication bypass in Palo Alto Networks PAN-OS allows unauthenticated network attackers to circumvent authentication controls when the Cloud Authentication Service (CAS) feature is enabled, with the highest risk when CAS is bound to the management interface. The flaw affects PA-Series and VM-Series firewalls as well as Panorama (virtual and M-Series); Cloud NGFW and Prisma Access are not impacted. No public exploit identified at time of analysis, and EPSS rates real-world exploitation probability low at 0.08%, but the high-value target profile and CWE-347 (Improper Verification of Cryptographic Signature) class - combined with the 'Jwt Attack' tag - warrant prompt patching.
Remote code execution in Palo Alto Networks PAN-OS User-ID Authentication Portal (Captive Portal) allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls via specially crafted packets. CISA KEV confirms active exploitation in the wild with publicly available exploit code. EPSS risk assessment is not provided, but the vulnerability achieves maximum impact with minimal attack complexity (CVSS 9.3, AV:N/AC:L/PR:N), making this a critical priority for immediate remediation. The attack surface is significantly reduced when access to the portal is restricted to trusted internal networks per vendor best practices.
Cortex XDR agent on Windows versions 7.9-CE through 9.0 allows authenticated local administrators to disable the agent through a protection mechanism bypass, enabling malware to operate undetected. The vulnerability requires high privileges and local access, but creates a critical detection evasion vector when exploited by administratively compromised systems or insider threats. No public exploit code or active exploitation has been reported at time of analysis.
Remote code execution in Palo Alto Networks Autonomous Digital Experience Manager on Windows via certificate validation bypass allows unauthenticated attackers with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges. CVSS score is 2.0 but reflects a physical adjacency attack vector (AV:P); real-world risk depends on network topology and whether the manager is exposed on trusted adjacent networks. No public exploit code or active exploitation has been confirmed at time of analysis.
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection.
A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet.
An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.
Unauthenticated remote attackers can crash Palo Alto Networks PAN-OS firewalls through repeated requests, forcing the devices into maintenance mode and causing denial of service. This vulnerability affects Palo Alto firewalls and Prisma Access deployments with no available patch, creating ongoing operational risk. The attack requires no authentication or user interaction and can be exploited over the network.
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new “Data Security Accounts“. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available.
An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browser’s security controls. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available.
A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper input neutralization in Palo Alto Networks PAN-OS management web interface allows authenticated high-privilege administrators to bypass system restrictions and execute arbitrary commands through command injection. The vulnerability affects PAN-OS across multiple versions (specific version ranges not independently confirmed from provided data), with a low EPSS exploitation probability (0.06%, 17th percentile) and no confirmed active exploitation or public proof-of-concept. Risk is significantly reduced when CLI access is restricted to a limited administrator group; Cloud NGFW and Prisma Access are unaffected.
An information exposure vulnerability in the Palo Alto Networks User-ID Credential Agent (Windows-based) can expose the service account password under specific non-default configurations. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.
A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key (CAK). Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.
A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious. Rated medium severity (CVSS 4.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
CVE-2025-0141 is a security vulnerability (CVSS 8.4) that allows a locally authenticated non administrative user. High severity vulnerability requiring prompt remediation.
CVE-2025-0140 is a security vulnerability (CVSS 6.8) that allows a locally authenticated non administrative user. Remediation should follow standard vulnerability management procedures.
CVE-2025-0139 is a security vulnerability (CVSS 6.3) that allows a locally authenticated low privileged user. Remediation should follow standard vulnerability management procedures.
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW and Prisma® Access are not affected by this vulnerability.
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel. An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating conditions, the GlobalProtect app automatically recovers from this interception within one minute.
CVE-2025-4232 is an improper neutralization of wildcards vulnerability in Palo Alto Networks GlobalProtect app for macOS that allows non-administrative users to escalate privileges to root through the log collection feature. With a CVSS score of 8.8 and requiring only low complexity remote network access with low privileges, this vulnerability presents a critical privilege escalation risk. The attack requires user interaction only at the network level (not UI) and affects the confidentiality, integrity, and availability of affected systems.
Command injection vulnerability in Palo Alto Networks PAN-OS that allows an authenticated administrative user to execute arbitrary commands with root privileges. The vulnerability requires network access to the management web interface and successful authentication, making it a post-authentication remote code execution flaw. While the CVSS score of 7.2 is moderately high, the requirement for administrative credentials significantly limits its practical exploitability in most environments.
Command injection vulnerability in Palo Alto Networks PAN-OS that allows authenticated administrators with CLI access to bypass system restrictions and execute arbitrary commands with root privileges. The vulnerability affects on-premises PAN-OS deployments with CVSS 8.4, but risk is significantly reduced in environments where CLI access is restricted to a limited administrative group. Cloud NGFW and Prisma Access are not affected.
CVE-2025-4228 is a security vulnerability (CVSS 4.6) that allows an authenticated administrative user. Remediation should follow standard vulnerability management procedures.
CVE-2025-4233 is a security vulnerability (CVSS 5.1) that allows users. Remediation should follow standard vulnerability management procedures.
Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.
A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature. Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity. No vendor patch available.
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system. Rated medium severity (CVSS 6.3), this vulnerability is low attack complexity. No vendor patch available.
A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.