Vulnerabilities

Palo Alto Networks Patches 13 Vulnerabilities

Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software.

Palo Alto Networks on Wednesday published advisories describing more than a dozen vulnerabilities affecting its products.

The new advisories cover 13 vulnerabilities specific to Palo Alto Networks products, as well as more than 500 flaws patched recently by Google in Chromium, which the cybersecurity giant uses for its Prisma browser.

The most severe of the newly patched vulnerabilities is CVE-2026-0288. Assigned high severity and highest urgency ratings, the CVE covers multiple buffer overflows in the PAN-OS software, which powers Palo Alto’s firewalls.

An unauthenticated attacker with network access to the targeted firewall can cause a DoS condition and potentially achieve arbitrary code execution using specially crafted network traffic. 

While the vulnerability appears severe, the risk of exploitation is mitigated when organizations follow best practices and limit access to the User-ID Terminal Server Agent (TSA) to trusted internal IP addresses.

Seven of the newly patched flaws have a medium severity rating. Five of them affect PAN-OS and they can be exploited to cause a DoS condition, execute arbitrary OS commands as root, make unauthorized requests from the firewall to internal services, obtain information, and bypass authentication. The higher-impact issues require the attacker to be authenticated with admin privileges.

Advertisement. Scroll to continue reading.

The remaining medium-severity vulnerabilities impact Prisma Access Agent and they can be exploited for MitM attacks that enable VPN traffic interception and bypassing of DLP policy enforcement controls.

Five vulnerabilities have been assigned a low severity rating, although some have a moderate urgency rating. They can allow privilege escalation, code execution via XSS attacks, firewall policy bypassing, file deletion, and information disclosure.  

Palo Alto says it’s not aware of attacks exploiting these vulnerabilities. However, it’s not uncommon for threat actors to target flaws in the company’s products, so it’s important that organizations install the latest patches.

While several of the newly patched flaws were found by external researchers, the cybersecurity firm has reported a surge in internal vulnerability discovery thanks to its use of AI.

Related: Splunk, Palo Alto Networks Patch Severe Vulnerabilities

Related: Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

Related: Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Related Content

Vulnerabilities

Unauthenticated attackers could obtain the broker's confidential OAuth client secret, allowing them to take control of the broker.

Email Security

The flaw results in malicious code embedded in crafted emails being executed when the emails are opened.

Vulnerabilities

The company notified customers to manually shut down their servers while it is investigating a credible threat.

Vulnerabilities

The privilege escalation vulnerability tracked as CVE-2026-50656 has been patched with a Microsoft Malware Protection Engine update.

Artificial Intelligence

Wiz has disclosed the details of a new AI coding assistant attack method it has dubbed GhostApproval.

Vulnerabilities

The security refresh resolves 13 use-after-free bugs, including two critical-severity flaws found by Google.

Vulnerabilities

Tracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device's web management interface.

Artificial Intelligence

The "Rogue Agent" vulnerability could have enabled attackers to silently manipulate AI conversations, exfiltrate data, and compromise every Dialogflow CX agent within the same...

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version