VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

PAN-OS GlobalProtect (CVE-2026-0257): Authentication Bypass and Active Exploitation

PAN-OS GlobalProtect (CVE-2026-0257): обход аутентификации и активная эксплуатация

Colleagues—please note: active exploitation of PAN-OS GlobalProtect (CVE-2026-0257) has been observed.

- Palo Alto Networks confirms an authentication bypass via the GlobalProtect portal/gateway when authentication override cookies are enabled and a specific certificate configuration is present.
- Rapid7 recorded successful exploitation attempts on 17 and 21 May; in some cases attackers obtained VPN IP addresses and access to internal networks.
- Recommendations: urgently apply the vendor patch; as a temporary measure, disable authentication override or issue a dedicated certificate for this feature.

Why it matters: a VPN-gateway authentication bypass enables attackers to reach internal resources.

How are you planning to respond in your network?

#cybersecurity #VPN #PaloAlto #vulnerabilities

Latest comments

No comments yet.