CVE-2026-0300 in PAN-OS: exploitable RCE in User-ID Authentication Portal

Colleagues, a critical PAN-OS vulnerability (CVE-2026-0300) enabling remote code execution has been disclosed by Palo Alto.
What was found: a buffer overflow in the User-ID Authentication Portal (Captive Portal) allows an unauthenticated attacker to execute arbitrary code as root.
Who is affected: PA‑Series and VM‑Series instances with a publicly accessible portal. The vendor reports limited exploitation in the wild.
Mitigation: restrict portal access to trusted zones or disable it if not required; patches are expected on 13 May 2026.
Why it matters: a publicly accessible portal may enable full network compromise.
How do you plan to respond?
#cybersecurity #PaloAlto #vulnerabilities #PANOS

