Date: 2026/06/03
【Vulnerability Alert】Critical Security Vulnerability in Palo Alto Networks PAN-OS (CVE-2026-0257)
- Subject: 【Vulnerability Alert】Critical Security Vulnerability in Palo Alto Networks PAN-OS (CVE-2026-0257)
- Description:
- Forwarded from Taiwan Computer Emergency Response Team / Coordination Center Security Alert (TWCERTCC-200-202606-00000002)
- An authentication bypass vulnerability exists in the GlobalProtect portal and gateway features of Palo Alto Networks firewall operating system PAN-OS. An attacker could exploit this vulnerability to bypass security restrictions and establish unauthorized VPN connections.
- Affected Platforms:
- Versions prior to PAN-OS 10.2.10-h36
- Versions prior to PAN-OS 10.2.13-h21
- Versions prior to PAN-OS 10.2.16-h7
- Versions prior to PAN-OS 10.2.18-h6
- Versions prior to PAN-OS 10.2.7-h34
- Versions prior to PAN-OS 11.1.10-h25
- Versions prior to PAN-OS 11.1.13-h5
- Versions prior to PAN-OS 11.1.15
- Versions prior to PAN-OS 11.1.4-h33
- Versions prior to PAN-OS 11.1.6-h32
* Versions prior to PAN-OS 11.1.7-h6
- Versions prior to PAN-OS 11.2.10-h7
- Versions prior to PAN-OS 11.2.12
- Versions prior to PAN-OS 11.2.4-h17
- Versions prior to PAN-OS 11.2.7-h14
- Versions prior to PAN-OS 12.1.4-h6
- Versions prior to PAN-OS 12.1.7
- Versions prior to Prisma Access 10.2.10-h36
- Versions prior to Prisma Access 11.2.7-h13
- Recommended Actions:
- Apply patches according to the solution released on the official website: https://security.paloaltonetworks.com/CVE-2026-0257
Computer and Communication Center
Network Systems Division
