【Vulnerability Alert】Critical Security Vulnerability in Palo Alto Networks PAN-OS (CVE-2026-0257)

• Subject: 【Vulnerability Alert】Critical Security Vulnerability in Palo Alto Networks PAN-OS (CVE-2026-0257)

• Description:
  • Forwarded from Taiwan Computer Emergency Response Team / Coordination Center Security Alert (TWCERTCC-200-202606-00000002)
  • An authentication bypass vulnerability exists in the GlobalProtect portal and gateway features of Palo Alto Networks firewall operating system PAN-OS. An attacker could exploit this vulnerability to bypass security restrictions and establish unauthorized VPN connections.
• Affected Platforms:
  • Versions prior to PAN-OS 10.2.10-h36
  • Versions prior to PAN-OS 10.2.13-h21
  • Versions prior to PAN-OS 10.2.16-h7
  • Versions prior to PAN-OS 10.2.18-h6
  • Versions prior to PAN-OS 10.2.7-h34
  • Versions prior to PAN-OS 11.1.10-h25
  • Versions prior to PAN-OS 11.1.13-h5
  • Versions prior to PAN-OS 11.1.15
  • Versions prior to PAN-OS 11.1.4-h33
  • Versions prior to PAN-OS 11.1.6-h32

* Versions prior to PAN-OS 11.1.7-h6

• Versions prior to PAN-OS 11.2.10-h7
• Versions prior to PAN-OS 11.2.12
• Versions prior to PAN-OS 11.2.4-h17
• Versions prior to PAN-OS 11.2.7-h14
• Versions prior to PAN-OS 12.1.4-h6
• Versions prior to PAN-OS 12.1.7
• Versions prior to Prisma Access 10.2.10-h36
• Versions prior to Prisma Access 11.2.7-h13
• Recommended Actions:
• Apply patches according to the solution released on the official website: https://security.paloaltonetworks.com/CVE-2026-0257

Computer and Communication Center
Network Systems Division