Common Weakness Enumeration

CWE-787

Allowed-with-Review

Out-of-bounds Write

Abstraction: Base · Status: Draft

The product writes data past the end, or before the beginning, of the intended buffer.

15107 vulnerabilities reference this CWE, most recent first.

CVE-2026-0659 (GCVE-0-2026-0659)

Vulnerability from cvelistv5 – Published: 2026-02-04 16:01 – Updated: 2026-02-26 15:04
VLAI
Title
USD File Parsing Out-of-Bounds Write Vulnerability
Summary
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Autodesk USD for Arnold Affected: 7.4.4.1 , < 7.4.4.2 (custom)
    cpe:2.3:a:autodesk:usd_for_arnold:arnold_usd_7.4.4.1:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk Arnold Affected: 7.4.4.1 , < 7.4.4.2 (custom)
    cpe:2.3:a:autodesk:arnold:7.4.4.2:*:*:*:*:*:*:*
Create a notification for this product.
Autodesk 3ds Max Affected: 2026.2 , < 2026.3.2 (custom)
    cpe:2.3:a:autodesk:3ds_max:2026.2:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0659",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-06T04:55:25.642059Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:04:20.838Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:usd_for_arnold:arnold_usd_7.4.4.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "USD for Arnold",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "7.4.4.2",
              "status": "affected",
              "version": "7.4.4.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:arnold:7.4.4.2:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Arnold",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "7.4.4.2",
              "status": "affected",
              "version": "7.4.4.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:3ds_max:2026.2:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "3ds Max",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3.2",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-04T16:01:27.307Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/Autodesk/arnold-usd"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0003"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "USD File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2026-0659",
    "datePublished": "2026-02-04T16:01:27.307Z",
    "dateReserved": "2026-01-06T19:58:21.363Z",
    "dateUpdated": "2026-02-26T15:04:20.838Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0538 (GCVE-0-2026-0538)

Vulnerability from cvelistv5 – Published: 2026-02-04 16:24 – Updated: 2026-06-03 13:33
VLAI
Title
GIF File Parsing Out-of-Bounds Write
Summary
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Autodesk 3ds Max Affected: 2026 , < 2026.3.2 (custom)
    cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0538",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-06T04:55:21.365758Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:04:20.268Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "3ds Max",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3.2",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-03T13:33:18.853Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "GIF File Parsing Out-of-Bounds Write",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2026-0538",
    "datePublished": "2026-02-04T16:24:36.976Z",
    "dateReserved": "2025-12-23T07:18:10.337Z",
    "dateUpdated": "2026-06-03T13:33:18.853Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0537 (GCVE-0-2026-0537)

Vulnerability from cvelistv5 – Published: 2026-02-04 16:26 – Updated: 2026-06-03 13:31
VLAI
Title
RGB File Parsing Memory Corruption
Summary
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Autodesk 3ds Max Affected: 2026 , < 2026.3.2 (custom)
    cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0537",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-06T04:55:23.158110Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:04:19.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "3ds Max",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3.2",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-03T13:31:03.149Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "RGB File Parsing Memory Corruption",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2026-0537",
    "datePublished": "2026-02-04T16:26:01.689Z",
    "dateReserved": "2025-12-23T07:17:33.132Z",
    "dateUpdated": "2026-06-03T13:31:03.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0536 (GCVE-0-2026-0536)

Vulnerability from cvelistv5 – Published: 2026-02-04 18:12 – Updated: 2026-02-26 15:04
VLAI
Title
GIF File Parsing Stack Based Buffer Overflow
Summary
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Autodesk 3ds Max Affected: 2026 , < 2026.3.2 (custom)
    cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0536",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-05T04:55:18.332251Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:04:18.760Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "3ds Max",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3.2",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-04T18:31:40.462Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "GIF File Parsing Stack Based Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2026-0536",
    "datePublished": "2026-02-04T18:12:56.985Z",
    "dateReserved": "2025-12-23T07:15:48.479Z",
    "dateUpdated": "2026-02-26T15:04:18.760Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0300 (GCVE-0-2026-0300)

Vulnerability from cvelistv5 – Published: 2026-05-06 18:57 – Updated: 2026-07-14 12:45
VLAI
Title
PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
Summary
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.
SSVC
Exploitation: active Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Palo Alto Networks Cloud NGFW Unaffected: All (custom)
Create a notification for this product.
Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.7 (custom)
Affected: 11.2.0 , < 11.2.12 (custom)
Affected: 11.1.0 , < 11.1.15 (custom)
Affected: 10.2.0 , < 10.2.18-h6 (custom)
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
Create a notification for this product.
Palo Alto Networks Prisma Access Unaffected: All (custom)
Create a notification for this product.
Siemens RUGGEDCOM APE1808 Affected: 0 , < * (custom)
Create a notification for this product.
Date Public
2026-05-05 23:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0300",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-06T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-05-06",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-07T03:55:34.043Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-06T00:00:00.000Z",
            "value": "CVE-2026-0300 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "RUGGEDCOM APE1808",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T12:45:19.808Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-967325.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "12.1.7",
                  "status": "unaffected"
                },
                {
                  "at": "12.1.4-h5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12.1.7",
              "status": "affected",
              "version": "12.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.2.12",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.10-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.7-h13",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.4-h17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.12",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.15",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.13-h5",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.10-h25",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.7-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.6-h32",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.4-h33",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.15",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.18-h6",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.16-h7",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.13-h21",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.10-h36",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.7-h34",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.18-h6",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID\u2122 Authentication Portal.\u003cbr\u003e\u003cbr\u003eCustomers are impacted if both of the following conditions are true:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eUser-ID\u2122 Authentication Portal configured in the User-ID\u2122 Authentication Portal Settings page.  You can verify the configuration by going to Device \u0026gt; User Identification \u0026gt; Authentication Portal Settings -\u0026gt; Enable Authentication Portal (applies to both transparent and redirect modes) \u003cb\u003eand\u003c/b\u003e\u003c/li\u003e\u003cli\u003eAn interface management profile with response pages enabled and associated with an external/internet-accessible interface.  You can verify the configuration by going to Network \u0026gt; Interface \u0026gt; Select the interface \u0026gt; Advanced Tab \u0026gt; Create Management Interface Profile.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "This issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID\u2122 Authentication Portal.\n\nCustomers are impacted if both of the following conditions are true:\n\n\n * User-ID\u2122 Authentication Portal configured in the User-ID\u2122 Authentication Portal Settings page. You can verify the configuration by going to Device \u003e User Identification \u003e Authentication Portal Settings -\u003e Enable Authentication Portal (applies to both transparent and redirect modes) and\n * An interface management profile with response pages enabled and associated with an external/internet-accessible interface. You can verify the configuration by going to Network \u003e Interface \u003e Select the interface \u003e Advanced Tab \u003e Create Management Interface Profile."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.4-h5",
                  "versionStartIncluding": "12.1.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.7",
                  "versionStartIncluding": "12.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.4-h17",
                  "versionStartIncluding": "11.2.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.7-h13",
                  "versionStartIncluding": "11.2.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.10-h6",
                  "versionStartIncluding": "11.2.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.12",
                  "versionStartIncluding": "11.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.4-h33",
                  "versionStartIncluding": "11.1.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.6-h32",
                  "versionStartIncluding": "11.1.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.7-h6",
                  "versionStartIncluding": "11.1.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.10-h25",
                  "versionStartIncluding": "11.1.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.13-h5",
                  "versionStartIncluding": "11.1.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.15",
                  "versionStartIncluding": "11.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.7-h34",
                  "versionStartIncluding": "10.2.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.10-h36",
                  "versionStartIncluding": "10.2.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.13-h21",
                  "versionStartIncluding": "10.2.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.16-h7",
                  "versionStartIncluding": "10.2.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.18-h6",
                  "versionStartIncluding": "10.2.18",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "datePublic": "2026-05-05T23:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \u003cbr\u003e\u003cbr\u003eThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\"\u003ebest practice guidelines\u003c/a\u003e by restricting access to only trusted internal IP addresses.\u003cbr\u003e\u003cbr\u003ePrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability. \u003c/p\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \n\nThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the  best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail  by restricting access to only trusted internal IP addresses.\n\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Limited exploitation has been observed targeting Palo Alto Networks User-ID\u2122 Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks are at a greatly reduced risk."
            }
          ],
          "value": "Limited exploitation has been observed targeting Palo Alto Networks User-ID\u2122 Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks are at a greatly reduced risk."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "ATTACKED",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "The risk is highest when you configure the User-ID\u2122 Authentication Portal to enable access from the Internet or any untrusted network."
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "ATTACKED",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "You can greatly reduce the risk of exploitation by restricting User-ID\u2122 Authentication Portal access to only trusted internal IP addresses and preventing its exposure to the internet."
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-06T22:09:48.796Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0300"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue will be fixed in upcoming releases of PAN-OS as captured in the table above.\u003cbr\u003e\u003cbr\u003eWe strongly recommend that you secure access to your User-ID\u2122 Authentication Portal following the instructions in the workarounds section below."
            }
          ],
          "value": "This issue will be fixed in upcoming releases of PAN-OS as captured in the table above.\n\nWe strongly recommend that you secure access to your User-ID\u2122 Authentication Portal following the instructions in the workarounds section below."
        }
      ],
      "source": {
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-06T17:27:00.000Z",
          "value": "Updated with Threat Prevention ID and clarified the Required Configuration section."
        },
        {
          "lang": "en",
          "time": "2026-05-05T23:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID\u2122 Authentication Portal",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers can mitigate the risk of this issue by taking either of the following actions:\u003cbr\u003e\u003cul\u003e\u003cli\u003eRestrict User-ID\u2122 Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users\u0027 browsers ingress. Refer to Step 6 of the following \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286\"\u003eLive Community article\u003c/a\u003e and \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\"\u003eKnowledgebase article\u003c/a\u003e for steps to restrict access.\u003cbr\u003e\u003c/li\u003e\u003cli\u003eDisable User-ID\u2122 Authentication Portal if not required.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID\u0026nbsp;510019 from Applications and Threats content version 9097-10022. Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support."
            }
          ],
          "value": "Customers can mitigate the risk of this issue by taking either of the following actions:\n\n * Restrict User-ID\u2122 Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users\u0027 browsers ingress. Refer to Step 6 of the following Live Community article (https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286) and Knowledgebase article (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC) for steps to restrict access.\n   \n * Disable User-ID\u2122 Authentication Portal if not required.\n   \n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510019 from Applications and Threats content version 9097-10022. Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support."
        }
      ],
      "x_affectedList": [
        "PAN-OS 12.1.6",
        "PAN-OS 12.1.5",
        "PAN-OS 12.1.4-h3",
        "PAN-OS 12.1.4-h2",
        "PAN-OS 12.1.4",
        "PAN-OS 12.1.3-h3",
        "PAN-OS 12.1.3-h1",
        "PAN-OS 12.1.3",
        "PAN-OS 12.1.2",
        "PAN-OS 11.2.11",
        "PAN-OS 11.2.10-h4",
        "PAN-OS 11.2.10-h3",
        "PAN-OS 11.2.10-h2",
        "PAN-OS 11.2.10-h1",
        "PAN-OS 11.2.10",
        "PAN-OS 11.2.9",
        "PAN-OS 11.2.8",
        "PAN-OS 11.2.7-h11",
        "PAN-OS 11.2.7-h10",
        "PAN-OS 11.2.7-h8",
        "PAN-OS 11.2.7-h7",
        "PAN-OS 11.2.7-h4",
        "PAN-OS 11.2.7-h3",
        "PAN-OS 11.2.7-h2",
        "PAN-OS 11.2.7-h1",
        "PAN-OS 11.2.7",
        "PAN-OS 11.2.6",
        "PAN-OS 11.2.5",
        "PAN-OS 11.2.4-h15",
        "PAN-OS 11.2.4-h14",
        "PAN-OS 11.2.4-h12",
        "PAN-OS 11.2.4-h11",
        "PAN-OS 11.2.4-h10",
        "PAN-OS 11.2.4-h9",
        "PAN-OS 11.2.4-h8",
        "PAN-OS 11.2.4-h7",
        "PAN-OS 11.2.4-h6",
        "PAN-OS 11.2.4-h5",
        "PAN-OS 11.2.4-h4",
        "PAN-OS 11.2.4-h3",
        "PAN-OS 11.2.4-h2",
        "PAN-OS 11.2.4-h1",
        "PAN-OS 11.2.4",
        "PAN-OS 11.2.3-h5",
        "PAN-OS 11.2.3-h4",
        "PAN-OS 11.2.3-h3",
        "PAN-OS 11.2.3-h2",
        "PAN-OS 11.2.3-h1",
        "PAN-OS 11.2.3",
        "PAN-OS 11.2.2-h2",
        "PAN-OS 11.2.2-h1",
        "PAN-OS 11.2.1-h1",
        "PAN-OS 11.2.1",
        "PAN-OS 11.2.0-h1",
        "PAN-OS 11.2.0",
        "PAN-OS 11.1.13-h3",
        "PAN-OS 11.1.13-h2",
        "PAN-OS 11.1.13-h1",
        "PAN-OS 11.1.13",
        "PAN-OS 11.1.12",
        "PAN-OS 11.1.11",
        "PAN-OS 11.1.10-h21",
        "PAN-OS 11.1.10-h12",
        "PAN-OS 11.1.10-h10",
        "PAN-OS 11.1.10-h9",
        "PAN-OS 11.1.10-h7",
        "PAN-OS 11.1.10-h5",
        "PAN-OS 11.1.10-h4",
        "PAN-OS 11.1.10-h1",
        "PAN-OS 11.1.10",
        "PAN-OS 11.1.9",
        "PAN-OS 11.1.8",
        "PAN-OS 11.1.6-h29",
        "PAN-OS 11.1.6-h25",
        "PAN-OS 11.1.6-h23",
        "PAN-OS 11.1.6-h22",
        "PAN-OS 11.1.6-h21",
        "PAN-OS 11.1.6-h20",
        "PAN-OS 11.1.6-h19",
        "PAN-OS 11.1.6-h18",
        "PAN-OS 11.1.6-h17",
        "PAN-OS 11.1.6-h14",
        "PAN-OS 11.1.6-h10",
        "PAN-OS 11.1.6-h7",
        "PAN-OS 11.1.6-h6",
        "PAN-OS 11.1.6-h4",
        "PAN-OS 11.1.6-h3",
        "PAN-OS 11.1.6-h2",
        "PAN-OS 11.1.6-h1",
        "PAN-OS 11.1.6",
        "PAN-OS 11.1.5-h1",
        "PAN-OS 11.1.5",
        "PAN-OS 11.1.4-h27",
        "PAN-OS 11.1.4-h25",
        "PAN-OS 11.1.4-h18",
        "PAN-OS 11.1.4-h17",
        "PAN-OS 11.1.4-h15",
        "PAN-OS 11.1.4-h13",
        "PAN-OS 11.1.4-h12",
        "PAN-OS 11.1.4-h11",
        "PAN-OS 11.1.4-h10",
        "PAN-OS 11.1.4-h9",
        "PAN-OS 11.1.4-h8",
        "PAN-OS 11.1.4-h7",
        "PAN-OS 11.1.4-h6",
        "PAN-OS 11.1.4-h5",
        "PAN-OS 11.1.4-h4",
        "PAN-OS 11.1.4-h3",
        "PAN-OS 11.1.4-h2",
        "PAN-OS 11.1.4-h1",
        "PAN-OS 11.1.4",
        "PAN-OS 11.1.3-h13",
        "PAN-OS 11.1.3-h12",
        "PAN-OS 11.1.3-h11",
        "PAN-OS 11.1.3-h10",
        "PAN-OS 11.1.3-h9",
        "PAN-OS 11.1.3-h8",
        "PAN-OS 11.1.3-h7",
        "PAN-OS 11.1.3-h6",
        "PAN-OS 11.1.3-h5",
        "PAN-OS 11.1.3-h4",
        "PAN-OS 11.1.3-h3",
        "PAN-OS 11.1.3-h2",
        "PAN-OS 11.1.3-h1",
        "PAN-OS 11.1.3",
        "PAN-OS 11.1.2-h18",
        "PAN-OS 11.1.2-h17",
        "PAN-OS 11.1.2-h16",
        "PAN-OS 11.1.2-h15",
        "PAN-OS 11.1.2-h14",
        "PAN-OS 11.1.2-h13",
        "PAN-OS 11.1.2-h12",
        "PAN-OS 11.1.2-h11",
        "PAN-OS 11.1.2-h10",
        "PAN-OS 11.1.2-h9",
        "PAN-OS 11.1.2-h8",
        "PAN-OS 11.1.2-h7",
        "PAN-OS 11.1.2-h6",
        "PAN-OS 11.1.2-h5",
        "PAN-OS 11.1.2-h4",
        "PAN-OS 11.1.2-h3",
        "PAN-OS 11.1.2-h2",
        "PAN-OS 11.1.2-h1",
        "PAN-OS 11.1.2",
        "PAN-OS 11.1.1-h2",
        "PAN-OS 11.1.1-h1",
        "PAN-OS 11.1.1",
        "PAN-OS 11.1.0-h4",
        "PAN-OS 11.1.0-h3",
        "PAN-OS 11.1.0-h2",
        "PAN-OS 11.1.0-h1",
        "PAN-OS 11.1.0",
        "PAN-OS 10.2.18-h1",
        "PAN-OS 10.2.18",
        "PAN-OS 10.2.17",
        "PAN-OS 10.2.16-h6",
        "PAN-OS 10.2.16-h4",
        "PAN-OS 10.2.16-h1",
        "PAN-OS 10.2.16",
        "PAN-OS 10.2.15",
        "PAN-OS 10.2.14-h1",
        "PAN-OS 10.2.14",
        "PAN-OS 10.2.13-h18",
        "PAN-OS 10.2.13-h16",
        "PAN-OS 10.2.13-h15",
        "PAN-OS 10.2.13-h10",
        "PAN-OS 10.2.13-h7",
        "PAN-OS 10.2.13-h5",
        "PAN-OS 10.2.13-h4",
        "PAN-OS 10.2.13-h3",
        "PAN-OS 10.2.13-h2",
        "PAN-OS 10.2.13-h1",
        "PAN-OS 10.2.13",
        "PAN-OS 10.2.12-h6",
        "PAN-OS 10.2.12-h5",
        "PAN-OS 10.2.12-h4",
        "PAN-OS 10.2.12-h3",
        "PAN-OS 10.2.12-h2",
        "PAN-OS 10.2.12-h1",
        "PAN-OS 10.2.12",
        "PAN-OS 10.2.11-h13",
        "PAN-OS 10.2.11-h12",
        "PAN-OS 10.2.11-h11",
        "PAN-OS 10.2.11-h10",
        "PAN-OS 10.2.11-h9",
        "PAN-OS 10.2.11-h8",
        "PAN-OS 10.2.11-h7",
        "PAN-OS 10.2.11-h6",
        "PAN-OS 10.2.11-h5",
        "PAN-OS 10.2.11-h4",
        "PAN-OS 10.2.11-h3",
        "PAN-OS 10.2.11-h2",
        "PAN-OS 10.2.11-h1",
        "PAN-OS 10.2.11",
        "PAN-OS 10.2.10-h31",
        "PAN-OS 10.2.10-h30",
        "PAN-OS 10.2.10-h27",
        "PAN-OS 10.2.10-h26",
        "PAN-OS 10.2.10-h23",
        "PAN-OS 10.2.10-h21",
        "PAN-OS 10.2.10-h18",
        "PAN-OS 10.2.10-h17",
        "PAN-OS 10.2.10-h14",
        "PAN-OS 10.2.10-h13",
        "PAN-OS 10.2.10-h12",
        "PAN-OS 10.2.10-h11",
        "PAN-OS 10.2.10-h10",
        "PAN-OS 10.2.10-h9",
        "PAN-OS 10.2.10-h8",
        "PAN-OS 10.2.10-h7",
        "PAN-OS 10.2.10-h6",
        "PAN-OS 10.2.10-h5",
        "PAN-OS 10.2.10-h4",
        "PAN-OS 10.2.10-h3",
        "PAN-OS 10.2.10-h2",
        "PAN-OS 10.2.10-h1",
        "PAN-OS 10.2.10",
        "PAN-OS 10.2.9-h21",
        "PAN-OS 10.2.9-h20",
        "PAN-OS 10.2.9-h19",
        "PAN-OS 10.2.9-h18",
        "PAN-OS 10.2.9-h17",
        "PAN-OS 10.2.9-h16",
        "PAN-OS 10.2.9-h15",
        "PAN-OS 10.2.9-h14",
        "PAN-OS 10.2.9-h13",
        "PAN-OS 10.2.9-h12",
        "PAN-OS 10.2.9-h11",
        "PAN-OS 10.2.9-h10",
        "PAN-OS 10.2.9-h9",
        "PAN-OS 10.2.9-h8",
        "PAN-OS 10.2.9-h7",
        "PAN-OS 10.2.9-h6",
        "PAN-OS 10.2.9-h5",
        "PAN-OS 10.2.9-h4",
        "PAN-OS 10.2.9-h3",
        "PAN-OS 10.2.9-h2",
        "PAN-OS 10.2.9-h1",
        "PAN-OS 10.2.9",
        "PAN-OS 10.2.8-h21",
        "PAN-OS 10.2.8-h20",
        "PAN-OS 10.2.8-h19",
        "PAN-OS 10.2.8-h18",
        "PAN-OS 10.2.8-h17",
        "PAN-OS 10.2.8-h16",
        "PAN-OS 10.2.8-h15",
        "PAN-OS 10.2.8-h14",
        "PAN-OS 10.2.8-h13",
        "PAN-OS 10.2.8-h12",
        "PAN-OS 10.2.8-h11",
        "PAN-OS 10.2.8-h10",
        "PAN-OS 10.2.8-h9",
        "PAN-OS 10.2.8-h8",
        "PAN-OS 10.2.8-h7",
        "PAN-OS 10.2.8-h6",
        "PAN-OS 10.2.8-h5",
        "PAN-OS 10.2.8-h4",
        "PAN-OS 10.2.8-h3",
        "PAN-OS 10.2.8-h2",
        "PAN-OS 10.2.8-h1",
        "PAN-OS 10.2.8",
        "PAN-OS 10.2.7-h32",
        "PAN-OS 10.2.7-h24",
        "PAN-OS 10.2.7-h23",
        "PAN-OS 10.2.7-h22",
        "PAN-OS 10.2.7-h21",
        "PAN-OS 10.2.7-h20",
        "PAN-OS 10.2.7-h19",
        "PAN-OS 10.2.7-h18",
        "PAN-OS 10.2.7-h17",
        "PAN-OS 10.2.7-h16",
        "PAN-OS 10.2.7-h15",
        "PAN-OS 10.2.7-h14",
        "PAN-OS 10.2.7-h13",
        "PAN-OS 10.2.7-h12",
        "PAN-OS 10.2.7-h11",
        "PAN-OS 10.2.7-h10",
        "PAN-OS 10.2.7-h9",
        "PAN-OS 10.2.7-h8",
        "PAN-OS 10.2.7-h7",
        "PAN-OS 10.2.7-h6",
        "PAN-OS 10.2.7-h5",
        "PAN-OS 10.2.7-h4",
        "PAN-OS 10.2.7-h3",
        "PAN-OS 10.2.7-h2",
        "PAN-OS 10.2.7-h1",
        "PAN-OS 10.2.7",
        "PAN-OS 10.2.6-h6",
        "PAN-OS 10.2.6-h5",
        "PAN-OS 10.2.6-h4",
        "PAN-OS 10.2.6-h3",
        "PAN-OS 10.2.6-h2",
        "PAN-OS 10.2.6-h1",
        "PAN-OS 10.2.6",
        "PAN-OS 10.2.5-h9",
        "PAN-OS 10.2.5-h8",
        "PAN-OS 10.2.5-h7",
        "PAN-OS 10.2.5-h6",
        "PAN-OS 10.2.5-h5",
        "PAN-OS 10.2.5-h4",
        "PAN-OS 10.2.5-h3",
        "PAN-OS 10.2.5-h2",
        "PAN-OS 10.2.5-h1",
        "PAN-OS 10.2.5",
        "PAN-OS 10.2.4-h32",
        "PAN-OS 10.2.4-h31",
        "PAN-OS 10.2.4-h30",
        "PAN-OS 10.2.4-h29",
        "PAN-OS 10.2.4-h28",
        "PAN-OS 10.2.4-h27",
        "PAN-OS 10.2.4-h26",
        "PAN-OS 10.2.4-h25",
        "PAN-OS 10.2.4-h24",
        "PAN-OS 10.2.4-h23",
        "PAN-OS 10.2.4-h22",
        "PAN-OS 10.2.4-h21",
        "PAN-OS 10.2.4-h20",
        "PAN-OS 10.2.4-h19",
        "PAN-OS 10.2.4-h18",
        "PAN-OS 10.2.4-h17",
        "PAN-OS 10.2.4-h16",
        "PAN-OS 10.2.4-h15",
        "PAN-OS 10.2.4-h14",
        "PAN-OS 10.2.4-h13",
        "PAN-OS 10.2.4-h12",
        "PAN-OS 10.2.4-h11",
        "PAN-OS 10.2.4-h10",
        "PAN-OS 10.2.4-h9",
        "PAN-OS 10.2.4-h8",
        "PAN-OS 10.2.4-h7",
        "PAN-OS 10.2.4-h6",
        "PAN-OS 10.2.4-h5",
        "PAN-OS 10.2.4-h4",
        "PAN-OS 10.2.4-h3",
        "PAN-OS 10.2.4-h2",
        "PAN-OS 10.2.4-h1",
        "PAN-OS 10.2.4",
        "PAN-OS 10.2.3-h14",
        "PAN-OS 10.2.3-h13",
        "PAN-OS 10.2.3-h12",
        "PAN-OS 10.2.3-h11",
        "PAN-OS 10.2.3-h10",
        "PAN-OS 10.2.3-h9",
        "PAN-OS 10.2.3-h8",
        "PAN-OS 10.2.3-h7",
        "PAN-OS 10.2.3-h6",
        "PAN-OS 10.2.3-h5",
        "PAN-OS 10.2.3-h4",
        "PAN-OS 10.2.3-h3",
        "PAN-OS 10.2.3-h2",
        "PAN-OS 10.2.3-h1",
        "PAN-OS 10.2.3",
        "PAN-OS 10.2.2-h6",
        "PAN-OS 10.2.2-h5",
        "PAN-OS 10.2.2-h4",
        "PAN-OS 10.2.2-h3",
        "PAN-OS 10.2.2-h2",
        "PAN-OS 10.2.2-h1",
        "PAN-OS 10.2.2",
        "PAN-OS 10.2.1-h3",
        "PAN-OS 10.2.1-h2",
        "PAN-OS 10.2.1-h1",
        "PAN-OS 10.2.1",
        "PAN-OS 10.2.0-h4",
        "PAN-OS 10.2.0-h3",
        "PAN-OS 10.2.0-h2",
        "PAN-OS 10.2.0-h1",
        "PAN-OS 10.2.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0300",
    "datePublished": "2026-05-06T18:57:39.876Z",
    "dateReserved": "2025-11-03T20:44:58.173Z",
    "dateUpdated": "2026-07-14T12:45:19.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0288 (GCVE-0-2026-0288)

Vulnerability from cvelistv5 – Published: 2026-07-08 20:14 – Updated: 2026-07-09 18:48
VLAI
Title
PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
Summary
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. . Panorama is not impacted by this vulnerability.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks Cloud NGFW Unaffected: All (custom)
Create a notification for this product.
Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.8 (custom)
Affected: 11.2.0 , < 11.2.13 (custom)
Affected: 11.1.0 , < 11.1.16 (custom)
Affected: 10.2.0 , < 10.2.7-h36 (custom)
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*
Create a notification for this product.
Palo Alto Networks Prisma Access Affected: 11.2.0 , < 11.2.7-h18 (custom)
Affected: 10.2.0 , < 10.2.10-h39 (custom)
Create a notification for this product.
Date Public
2026-07-08 16:00
Credits
Liang Zhu
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0288",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-09T03:55:51.922548Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-09T13:54:42.864Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "platforms": [
            "AWS",
            "Azure"
          ],
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "12.1.8",
                  "status": "unaffected"
                },
                {
                  "at": "12.1.7-h2",
                  "status": "unaffected"
                },
                {
                  "at": "12.1.4-h8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12.1.8",
              "status": "affected",
              "version": "12.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.2.13",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.10-h12",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.7-h18",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.4-h20",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.13",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.16",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.13-h9",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.10-h30",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.7-h8",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.6-h35",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.4-h35",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.16",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.18-h8",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.16-h9",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.13-h23",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.10-h39",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.7-h36",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.7-h36",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.2.7-h18",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.7-h18",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.10-h39",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.10-h39",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan\u003eThis issue only affects PAN-OS devices with at least one Terminal Server Agent (TSA) entry configured\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003cspan\u003eTo check if a PAN-OS device has a Terminal Server Agent configured, navigate to:\u003c/span\u003e\u003cb\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/b\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/12-1/user-identification/device-user-identification-terminal-services-agents\"\u003e\u003cspan\u003eDevice \u0026gt; User Identification \u0026gt; Terminal Server Agents\u003c/span\u003e\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "This issue only affects PAN-OS devices with at least one Terminal Server Agent (TSA) entry configured\n\nTo check if a PAN-OS device has a Terminal Server Agent configured, navigate to:\n\n Device \u003e User Identification \u003e Terminal Server Agents https://docs.paloaltonetworks.com/ngfw/help/12-1/user-identification/device-user-identification-terminal-services-agents"
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.8",
                  "versionStartIncluding": "12.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.7-h2",
                  "versionStartIncluding": "12.1.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.4-h8",
                  "versionStartIncluding": "12.1.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.13",
                  "versionStartIncluding": "11.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.10-h12",
                  "versionStartIncluding": "11.2.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.7-h18",
                  "versionStartIncluding": "11.2.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.4-h20",
                  "versionStartIncluding": "11.2.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.16",
                  "versionStartIncluding": "11.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.13-h9",
                  "versionStartIncluding": "11.1.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.10-h30",
                  "versionStartIncluding": "11.1.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.7-h8",
                  "versionStartIncluding": "11.1.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.6-h35",
                  "versionStartIncluding": "11.1.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.4-h35",
                  "versionStartIncluding": "11.1.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.18-h8",
                  "versionStartIncluding": "10.2.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.16-h9",
                  "versionStartIncluding": "10.2.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.13-h23",
                  "versionStartIncluding": "10.2.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.10-h39",
                  "versionStartIncluding": "10.2.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.7-h36",
                  "versionStartIncluding": "10.2.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.7-h18",
                  "versionStartIncluding": "11.2.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.10-h39",
                  "versionStartIncluding": "10.2.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Liang Zhu"
        }
      ],
      "datePublic": "2026-07-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMultiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003eThe security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only.\"\u003e best practice deployment guidelines\u003c/a\u003e.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003e\u003cspan\u003ePanorama is not impacted by this vulnerability.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic.\n\nThe security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. .\n\nPanorama is not impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "The risk is highest when you configure the User-ID Terminal Server Agent (TSA) IP and port access from the Internet or any untrusted network."
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "You can reduce the risk of exploitation by restricting User-ID Terminal Server Agent (TSA) IP and port access to only trusted internal IP addresses and preventing its exposure to the internet."
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "The risk of exploitation is lower for Prisma Access as it requires an authenticated user and the external network access to the User-ID Terminal Server Agent (TSA) IP and port is restricted."
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-09T18:48:32.880Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "name": "https://security.paloaltonetworks.com/CVE-2026-PAN-323400",
          "url": "https://security.paloaltonetworks.com/"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eCloud NGFW\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 12.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.5 through 12.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.7-h2 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 12.1.4-h8 or 12.1.8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.12\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.10-h12 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.4-h20 or 11.2.13 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.15\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.13-h9 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.10-h30 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.7-h8 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.6-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.6-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.1.4-h35 or 11.1.16 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.18-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.18-h8 or later.\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.16-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.16-h9 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.13-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.13-h23 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.10-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.7-h*\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.7-h36 or later.\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access 11.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e11.2.0 through 11.2.7\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 11.2.7-h18 or later.*\u003c/td\u003e\n                            \u003c/tr\u003e\u003ctr\u003e\n                                \u003ctd\u003ePrisma Access 10.2\u003cbr\u003e\u003c/td\u003e\n                                \u003ctd\u003e10.2.0 through 10.2.10\u003c/td\u003e\n                                \u003ctd\u003eUpgrade to 10.2.10-h39 or later.*\u003cbr\u003e\u003c/td\u003e\n                            \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e* See the note under Product Status for information regarding Prisma Access upgrades."
            }
          ],
          "value": "Version\nMinor Version\nSuggested Solution\nCloud NGFWNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.0 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.10-h*\n                                Upgrade to 11.2.10-h12 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.0 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.0 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \u00a010.2.0 through 10.2.16-h*Upgrade to 10.2.16-h9 or later.\n                                \n                                10.2.0 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n\n                            \n                                \n                                10.2.0 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n\n                            All older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.\n                                Prisma Access 11.2\n\n                                11.2.0 through 11.2.7\n                                Upgrade to 11.2.7-h18 or later.*\n                            \n                                Prisma Access 10.2\n\n                                10.2.0 through 10.2.10\n                                Upgrade to 10.2.10-h39 or later.*\n\n                            \n* See the note under Product Status for information regarding Prisma Access upgrades."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-08T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you restrict your User-ID Terminal Server Agent connectivity to only trusted internal IP addresses according to our\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only.\"\u003ebest practice deployment guidelines\u003c/a\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "The vast majority of firewalls already follow Palo Alto Networks\u0027 and industry best practices. However, if you have not already, we strongly recommend that you restrict your User-ID Terminal Server Agent connectivity to only trusted internal IP addresses according to our\u00a0 best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only."
        }
      ],
      "x_affectedList": [
        "PAN-OS 12.1.7",
        "PAN-OS 12.1.6",
        "PAN-OS 12.1.5",
        "PAN-OS 12.1.4-h6",
        "PAN-OS 12.1.4-h5",
        "PAN-OS 12.1.4-h3",
        "PAN-OS 12.1.4-h2",
        "PAN-OS 12.1.4",
        "PAN-OS 12.1.3-h3",
        "PAN-OS 12.1.3-h1",
        "PAN-OS 12.1.3",
        "PAN-OS 12.1.2",
        "PAN-OS 11.2.12",
        "PAN-OS 11.2.11",
        "PAN-OS 11.2.10-h8",
        "PAN-OS 11.2.10-h7",
        "PAN-OS 11.2.10-h6",
        "PAN-OS 11.2.10-h5",
        "PAN-OS 11.2.10-h4",
        "PAN-OS 11.2.10-h3",
        "PAN-OS 11.2.10-h2",
        "PAN-OS 11.2.10-h1",
        "PAN-OS 11.2.10",
        "PAN-OS 11.2.9",
        "PAN-OS 11.2.8",
        "PAN-OS 11.2.7-h15",
        "PAN-OS 11.2.7-h14",
        "PAN-OS 11.2.7-h13",
        "PAN-OS 11.2.7-h12",
        "PAN-OS 11.2.7-h11",
        "PAN-OS 11.2.7-h10",
        "PAN-OS 11.2.7-h8",
        "PAN-OS 11.2.7-h7",
        "PAN-OS 11.2.7-h4",
        "PAN-OS 11.2.7-h3",
        "PAN-OS 11.2.7-h2",
        "PAN-OS 11.2.7-h1",
        "PAN-OS 11.2.7",
        "PAN-OS 11.2.6",
        "PAN-OS 11.2.5",
        "PAN-OS 11.2.4-h17",
        "PAN-OS 11.2.4-h15",
        "PAN-OS 11.2.4-h14",
        "PAN-OS 11.2.4-h12",
        "PAN-OS 11.2.4-h11",
        "PAN-OS 11.2.4-h10",
        "PAN-OS 11.2.4-h9",
        "PAN-OS 11.2.4-h8",
        "PAN-OS 11.2.4-h7",
        "PAN-OS 11.2.4-h6",
        "PAN-OS 11.2.4-h5",
        "PAN-OS 11.2.4-h4",
        "PAN-OS 11.2.4-h3",
        "PAN-OS 11.2.4-h2",
        "PAN-OS 11.2.4-h1",
        "PAN-OS 11.2.4",
        "PAN-OS 11.2.3-h5",
        "PAN-OS 11.2.3-h4",
        "PAN-OS 11.2.3-h3",
        "PAN-OS 11.2.3-h2",
        "PAN-OS 11.2.3-h1",
        "PAN-OS 11.2.3",
        "PAN-OS 11.2.2-h2",
        "PAN-OS 11.2.2-h1",
        "PAN-OS 11.2.1-h1",
        "PAN-OS 11.2.1",
        "PAN-OS 11.2.0-h1",
        "PAN-OS 11.2.0",
        "PAN-OS 11.1.15",
        "PAN-OS 11.1.14",
        "PAN-OS 11.1.13-h6",
        "PAN-OS 11.1.13-h5",
        "PAN-OS 11.1.13-h3",
        "PAN-OS 11.1.13-h2",
        "PAN-OS 11.1.13-h1",
        "PAN-OS 11.1.13",
        "PAN-OS 11.1.12",
        "PAN-OS 11.1.11",
        "PAN-OS 11.1.10-h26",
        "PAN-OS 11.1.10-h25",
        "PAN-OS 11.1.10-h21",
        "PAN-OS 11.1.10-h12",
        "PAN-OS 11.1.10-h10",
        "PAN-OS 11.1.10-h9",
        "PAN-OS 11.1.10-h7",
        "PAN-OS 11.1.10-h5",
        "PAN-OS 11.1.10-h4",
        "PAN-OS 11.1.10-h1",
        "PAN-OS 11.1.10",
        "PAN-OS 11.1.9",
        "PAN-OS 11.1.8",
        "PAN-OS 11.1.6-h32",
        "PAN-OS 11.1.6-h29",
        "PAN-OS 11.1.6-h25",
        "PAN-OS 11.1.6-h23",
        "PAN-OS 11.1.6-h22",
        "PAN-OS 11.1.6-h21",
        "PAN-OS 11.1.6-h20",
        "PAN-OS 11.1.6-h19",
        "PAN-OS 11.1.6-h18",
        "PAN-OS 11.1.6-h17",
        "PAN-OS 11.1.6-h14",
        "PAN-OS 11.1.6-h10",
        "PAN-OS 11.1.6-h7",
        "PAN-OS 11.1.6-h6",
        "PAN-OS 11.1.6-h4",
        "PAN-OS 11.1.6-h3",
        "PAN-OS 11.1.6-h2",
        "PAN-OS 11.1.6-h1",
        "PAN-OS 11.1.6",
        "PAN-OS 11.1.5-h1",
        "PAN-OS 11.1.5",
        "PAN-OS 11.1.4-h33",
        "PAN-OS 11.1.4-h32",
        "PAN-OS 11.1.4-h27",
        "PAN-OS 11.1.4-h25",
        "PAN-OS 11.1.4-h18",
        "PAN-OS 11.1.4-h17",
        "PAN-OS 11.1.4-h15",
        "PAN-OS 11.1.4-h13",
        "PAN-OS 11.1.4-h12",
        "PAN-OS 11.1.4-h11",
        "PAN-OS 11.1.4-h10",
        "PAN-OS 11.1.4-h9",
        "PAN-OS 11.1.4-h8",
        "PAN-OS 11.1.4-h7",
        "PAN-OS 11.1.4-h6",
        "PAN-OS 11.1.4-h5",
        "PAN-OS 11.1.4-h4",
        "PAN-OS 11.1.4-h3",
        "PAN-OS 11.1.4-h2",
        "PAN-OS 11.1.4-h1",
        "PAN-OS 11.1.4",
        "PAN-OS 11.1.3-h13",
        "PAN-OS 11.1.3-h12",
        "PAN-OS 11.1.3-h11",
        "PAN-OS 11.1.3-h10",
        "PAN-OS 11.1.3-h9",
        "PAN-OS 11.1.3-h8",
        "PAN-OS 11.1.3-h7",
        "PAN-OS 11.1.3-h6",
        "PAN-OS 11.1.3-h5",
        "PAN-OS 11.1.3-h4",
        "PAN-OS 11.1.3-h3",
        "PAN-OS 11.1.3-h2",
        "PAN-OS 11.1.3-h1",
        "PAN-OS 11.1.3",
        "PAN-OS 11.1.2-h18",
        "PAN-OS 11.1.2-h17",
        "PAN-OS 11.1.2-h16",
        "PAN-OS 11.1.2-h15",
        "PAN-OS 11.1.2-h14",
        "PAN-OS 11.1.2-h13",
        "PAN-OS 11.1.2-h12",
        "PAN-OS 11.1.2-h11",
        "PAN-OS 11.1.2-h10",
        "PAN-OS 11.1.2-h9",
        "PAN-OS 11.1.2-h8",
        "PAN-OS 11.1.2-h7",
        "PAN-OS 11.1.2-h6",
        "PAN-OS 11.1.2-h5",
        "PAN-OS 11.1.2-h4",
        "PAN-OS 11.1.2-h3",
        "PAN-OS 11.1.2-h2",
        "PAN-OS 11.1.2-h1",
        "PAN-OS 11.1.2",
        "PAN-OS 11.1.1-h2",
        "PAN-OS 11.1.1-h1",
        "PAN-OS 11.1.1",
        "PAN-OS 11.1.0-h4",
        "PAN-OS 11.1.0-h3",
        "PAN-OS 11.1.0-h2",
        "PAN-OS 11.1.0-h1",
        "PAN-OS 11.1.0",
        "PAN-OS 10.2.18-h6",
        "PAN-OS 10.2.18-h5",
        "PAN-OS 10.2.18-h1",
        "PAN-OS 10.2.18",
        "PAN-OS 10.2.17",
        "PAN-OS 10.2.16-h7",
        "PAN-OS 10.2.16-h6",
        "PAN-OS 10.2.16-h4",
        "PAN-OS 10.2.16-h1",
        "PAN-OS 10.2.16",
        "PAN-OS 10.2.15",
        "PAN-OS 10.2.14-h1",
        "PAN-OS 10.2.14",
        "PAN-OS 10.2.13-h21",
        "PAN-OS 10.2.13-h18",
        "PAN-OS 10.2.13-h16",
        "PAN-OS 10.2.13-h15",
        "PAN-OS 10.2.13-h10",
        "PAN-OS 10.2.13-h7",
        "PAN-OS 10.2.13-h5",
        "PAN-OS 10.2.13-h4",
        "PAN-OS 10.2.13-h3",
        "PAN-OS 10.2.13-h2",
        "PAN-OS 10.2.13-h1",
        "PAN-OS 10.2.13",
        "PAN-OS 10.2.12-h6",
        "PAN-OS 10.2.12-h5",
        "PAN-OS 10.2.12-h4",
        "PAN-OS 10.2.12-h3",
        "PAN-OS 10.2.12-h2",
        "PAN-OS 10.2.12-h1",
        "PAN-OS 10.2.12",
        "PAN-OS 10.2.11-h13",
        "PAN-OS 10.2.11-h12",
        "PAN-OS 10.2.11-h11",
        "PAN-OS 10.2.11-h10",
        "PAN-OS 10.2.11-h9",
        "PAN-OS 10.2.11-h8",
        "PAN-OS 10.2.11-h7",
        "PAN-OS 10.2.11-h6",
        "PAN-OS 10.2.11-h5",
        "PAN-OS 10.2.11-h4",
        "PAN-OS 10.2.11-h3",
        "PAN-OS 10.2.11-h2",
        "PAN-OS 10.2.11-h1",
        "PAN-OS 10.2.11",
        "PAN-OS 10.2.10-h36",
        "PAN-OS 10.2.10-h31",
        "PAN-OS 10.2.10-h30",
        "PAN-OS 10.2.10-h27",
        "PAN-OS 10.2.10-h26",
        "PAN-OS 10.2.10-h23",
        "PAN-OS 10.2.10-h21",
        "PAN-OS 10.2.10-h18",
        "PAN-OS 10.2.10-h17",
        "PAN-OS 10.2.10-h14",
        "PAN-OS 10.2.10-h13",
        "PAN-OS 10.2.10-h12",
        "PAN-OS 10.2.10-h11",
        "PAN-OS 10.2.10-h10",
        "PAN-OS 10.2.10-h9",
        "PAN-OS 10.2.10-h8",
        "PAN-OS 10.2.10-h7",
        "PAN-OS 10.2.10-h6",
        "PAN-OS 10.2.10-h5",
        "PAN-OS 10.2.10-h4",
        "PAN-OS 10.2.10-h3",
        "PAN-OS 10.2.10-h2",
        "PAN-OS 10.2.10-h1",
        "PAN-OS 10.2.10",
        "PAN-OS 10.2.9-h21",
        "PAN-OS 10.2.9-h20",
        "PAN-OS 10.2.9-h19",
        "PAN-OS 10.2.9-h18",
        "PAN-OS 10.2.9-h17",
        "PAN-OS 10.2.9-h16",
        "PAN-OS 10.2.9-h15",
        "PAN-OS 10.2.9-h14",
        "PAN-OS 10.2.9-h13",
        "PAN-OS 10.2.9-h12",
        "PAN-OS 10.2.9-h11",
        "PAN-OS 10.2.9-h10",
        "PAN-OS 10.2.9-h9",
        "PAN-OS 10.2.9-h8",
        "PAN-OS 10.2.9-h7",
        "PAN-OS 10.2.9-h6",
        "PAN-OS 10.2.9-h5",
        "PAN-OS 10.2.9-h4",
        "PAN-OS 10.2.9-h3",
        "PAN-OS 10.2.9-h2",
        "PAN-OS 10.2.9-h1",
        "PAN-OS 10.2.9",
        "PAN-OS 10.2.8-h21",
        "PAN-OS 10.2.8-h20",
        "PAN-OS 10.2.8-h19",
        "PAN-OS 10.2.8-h18",
        "PAN-OS 10.2.8-h17",
        "PAN-OS 10.2.8-h16",
        "PAN-OS 10.2.8-h15",
        "PAN-OS 10.2.8-h14",
        "PAN-OS 10.2.8-h13",
        "PAN-OS 10.2.8-h12",
        "PAN-OS 10.2.8-h11",
        "PAN-OS 10.2.8-h10",
        "PAN-OS 10.2.8-h9",
        "PAN-OS 10.2.8-h8",
        "PAN-OS 10.2.8-h7",
        "PAN-OS 10.2.8-h6",
        "PAN-OS 10.2.8-h5",
        "PAN-OS 10.2.8-h4",
        "PAN-OS 10.2.8-h3",
        "PAN-OS 10.2.8-h2",
        "PAN-OS 10.2.8-h1",
        "PAN-OS 10.2.8",
        "PAN-OS 10.2.7-h34",
        "PAN-OS 10.2.7-h32",
        "PAN-OS 10.2.7-h24",
        "PAN-OS 10.2.7-h23",
        "PAN-OS 10.2.7-h22",
        "PAN-OS 10.2.7-h21",
        "PAN-OS 10.2.7-h20",
        "PAN-OS 10.2.7-h19",
        "PAN-OS 10.2.7-h18",
        "PAN-OS 10.2.7-h17",
        "PAN-OS 10.2.7-h16",
        "PAN-OS 10.2.7-h15",
        "PAN-OS 10.2.7-h14",
        "PAN-OS 10.2.7-h13",
        "PAN-OS 10.2.7-h12",
        "PAN-OS 10.2.7-h11",
        "PAN-OS 10.2.7-h10",
        "PAN-OS 10.2.7-h9",
        "PAN-OS 10.2.7-h8",
        "PAN-OS 10.2.7-h7",
        "PAN-OS 10.2.7-h6",
        "PAN-OS 10.2.7-h5",
        "PAN-OS 10.2.7-h4",
        "PAN-OS 10.2.7-h3",
        "PAN-OS 10.2.7-h2",
        "PAN-OS 10.2.7-h1",
        "PAN-OS 10.2.7",
        "PAN-OS 10.2.6-h6",
        "PAN-OS 10.2.6-h5",
        "PAN-OS 10.2.6-h4",
        "PAN-OS 10.2.6-h3",
        "PAN-OS 10.2.6-h2",
        "PAN-OS 10.2.6-h1",
        "PAN-OS 10.2.6",
        "PAN-OS 10.2.5-h9",
        "PAN-OS 10.2.5-h8",
        "PAN-OS 10.2.5-h7",
        "PAN-OS 10.2.5-h6",
        "PAN-OS 10.2.5-h5",
        "PAN-OS 10.2.5-h4",
        "PAN-OS 10.2.5-h3",
        "PAN-OS 10.2.5-h2",
        "PAN-OS 10.2.5-h1",
        "PAN-OS 10.2.5",
        "PAN-OS 10.2.4-h32",
        "PAN-OS 10.2.4-h31",
        "PAN-OS 10.2.4-h30",
        "PAN-OS 10.2.4-h29",
        "PAN-OS 10.2.4-h28",
        "PAN-OS 10.2.4-h27",
        "PAN-OS 10.2.4-h26",
        "PAN-OS 10.2.4-h25",
        "PAN-OS 10.2.4-h24",
        "PAN-OS 10.2.4-h23",
        "PAN-OS 10.2.4-h22",
        "PAN-OS 10.2.4-h21",
        "PAN-OS 10.2.4-h20",
        "PAN-OS 10.2.4-h19",
        "PAN-OS 10.2.4-h18",
        "PAN-OS 10.2.4-h17",
        "PAN-OS 10.2.4-h16",
        "PAN-OS 10.2.4-h15",
        "PAN-OS 10.2.4-h14",
        "PAN-OS 10.2.4-h13",
        "PAN-OS 10.2.4-h12",
        "PAN-OS 10.2.4-h11",
        "PAN-OS 10.2.4-h10",
        "PAN-OS 10.2.4-h9",
        "PAN-OS 10.2.4-h8",
        "PAN-OS 10.2.4-h7",
        "PAN-OS 10.2.4-h6",
        "PAN-OS 10.2.4-h5",
        "PAN-OS 10.2.4-h4",
        "PAN-OS 10.2.4-h3",
        "PAN-OS 10.2.4-h2",
        "PAN-OS 10.2.4-h1",
        "PAN-OS 10.2.4",
        "PAN-OS 10.2.3-h14",
        "PAN-OS 10.2.3-h13",
        "PAN-OS 10.2.3-h12",
        "PAN-OS 10.2.3-h11",
        "PAN-OS 10.2.3-h10",
        "PAN-OS 10.2.3-h9",
        "PAN-OS 10.2.3-h8",
        "PAN-OS 10.2.3-h7",
        "PAN-OS 10.2.3-h6",
        "PAN-OS 10.2.3-h5",
        "PAN-OS 10.2.3-h4",
        "PAN-OS 10.2.3-h3",
        "PAN-OS 10.2.3-h2",
        "PAN-OS 10.2.3-h1",
        "PAN-OS 10.2.3",
        "PAN-OS 10.2.2-h6",
        "PAN-OS 10.2.2-h5",
        "PAN-OS 10.2.2-h4",
        "PAN-OS 10.2.2-h3",
        "PAN-OS 10.2.2-h2",
        "PAN-OS 10.2.2-h1",
        "PAN-OS 10.2.2",
        "PAN-OS 10.2.1-h3",
        "PAN-OS 10.2.1-h2",
        "PAN-OS 10.2.1-h1",
        "PAN-OS 10.2.1",
        "PAN-OS 10.2.0-h4",
        "PAN-OS 10.2.0-h3",
        "PAN-OS 10.2.0-h2",
        "PAN-OS 10.2.0-h1",
        "PAN-OS 10.2.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0288",
    "datePublished": "2026-07-08T20:14:32.405Z",
    "dateReserved": "2025-11-03T20:44:46.432Z",
    "dateUpdated": "2026-07-09T18:48:32.880Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0263 (GCVE-0-2026-0263)

Vulnerability from cvelistv5 – Published: 2026-05-13 17:47 – Updated: 2026-05-14 03:56
VLAI
Title
PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
Summary
A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition. Panorama, Cloud NGFW, and Prisma® Access are not impacted by these vulnerabilities.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks Cloud NGFW Unaffected: All (custom)
Create a notification for this product.
Palo Alto Networks PAN-OS Affected: 12.1.0 , < 12.1.7, 12.1.4-h5 (custom)
Affected: 11.2.0 , < 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17 (custom)
Affected: 11.1.0 , < 11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33 (custom)
Unaffected: 10.2.0 (custom)
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*
Create a notification for this product.
Palo Alto Networks Prisma Access Unaffected: All (custom)
Create a notification for this product.
Date Public
2026-05-13 16:00
Credits
our internal security research teams
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0263",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-14T03:56:32.299Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "12.1.7",
                  "status": "unaffected"
                },
                {
                  "at": "12.1.4-h5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12.1.7, 12.1.4-h5",
              "status": "affected",
              "version": "12.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.2.12",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.10-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.7-h13",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.4-h17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.15",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.13-h5",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.10-h25",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.7-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.6-h32",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.4-h33",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.15, 11.1.13-h5, 11.1.10-h25, 11.1.7-h6, 11.1.6-h32, 11.1.4-h33",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003c/p\u003eThis issue requires IKEv2 VPN tunnels that is configured with Post Quantum Cryptography (PQC).\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "This issue requires IKEv2 VPN tunnels that is configured with Post Quantum Cryptography (PQC)."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:cloud_ngfw:all:*:*:*:*:*:*:*",
                  "vulnerable": false
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.7_12.1.4-h5",
                  "versionStartIncluding": "12.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.12_11.2.10-h6_11.2.7-h13_11.2.4-h17",
                  "versionStartIncluding": "11.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.15_11.1.13-h5_11.1.10-h25_11.1.7-h6_11.1.6-h32_11.1.4-h33",
                  "versionStartIncluding": "11.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*",
                  "vulnerable": false
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access:all:*:*:*:*:*:*:*",
                  "vulnerable": false
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "our internal security research teams"
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS\u00ae software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition.\u003cbr\u003e\u003c/p\u003ePanorama, Cloud NGFW, and Prisma\u003cspan\u003e\u00ae\u003c/span\u003e Access are not impacted by these vulnerabilities."
            }
          ],
          "value": "A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS\u00ae software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition.\n\n\nPanorama, Cloud NGFW, and Prisma\u00ae Access are not impacted by these vulnerabilities."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/AU:Y/R:U/V:C/RE:H/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T17:47:05.198Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0263"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e Cloud NGFW\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 12.1\u003c/td\u003e\u003ctd\u003e12.1.5 through 12.1.6\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e12.1.2 through 12.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 12.1.4-h5 or 12.1.7 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003c/td\u003e\u003ctd\u003e11.2.11 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.8 through 11.2.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.10-h6 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.5 through 11.2.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.7-h13 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h17 or 11.2.12 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003c/td\u003e\u003ctd\u003e11.1.14 or later\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.11 through 11.1.13-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.13-h5 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.8 through 11.1.10-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.10-h25 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.7 through 11.1.7-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.7-h6 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.5 through 11.1.6-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h32 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4-h*\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.4-h33 or 11.1.15 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma Access\u0026nbsp;\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e All older unsupported PAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e Upgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "VERSION                                 MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                                           No action needed.\nPAN-OS 12.1                             12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                        12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2                             11.2.11 or later             Upgrade to 11.2.12 or later.\n                                        11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                        11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                        11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1                             11.1.14 or later             Upgrade to 11.1.15 or later.\n                                        11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                        11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                        11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                        11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                        11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2                                                          No action needed.\nPrisma Access                                                        No action needed. \nAll older unsupported PAN-OS versions                                Upgrade to a supported fixed version."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eCustomers using IKEv2 VPN can mitigate this issue by configuring IKEv2 VPN tunnels only with NIST approved Post Quantum Cryptography (PQC) ciphers.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "Customers using IKEv2 VPN can mitigate this issue by configuring IKEv2 VPN tunnels only with NIST approved Post Quantum Cryptography (PQC) ciphers."
        }
      ],
      "x_affectedList": [
        "PAN-OS 12.1.6",
        "PAN-OS 12.1.5",
        "PAN-OS 12.1.4-h3",
        "PAN-OS 12.1.4-h2",
        "PAN-OS 12.1.4",
        "PAN-OS 12.1.3-h3",
        "PAN-OS 12.1.3-h1",
        "PAN-OS 12.1.3",
        "PAN-OS 12.1.2",
        "PAN-OS 11.2.11",
        "PAN-OS 11.2.10-h5",
        "PAN-OS 11.2.10-h4",
        "PAN-OS 11.2.10-h3",
        "PAN-OS 11.2.10-h2",
        "PAN-OS 11.2.10-h1",
        "PAN-OS 11.2.10",
        "PAN-OS 11.2.9",
        "PAN-OS 11.2.8",
        "PAN-OS 11.2.7-h12",
        "PAN-OS 11.2.7-h11",
        "PAN-OS 11.2.7-h10",
        "PAN-OS 11.2.7-h8",
        "PAN-OS 11.2.7-h7",
        "PAN-OS 11.2.7-h4",
        "PAN-OS 11.2.7-h3",
        "PAN-OS 11.2.7-h2",
        "PAN-OS 11.2.7-h1",
        "PAN-OS 11.2.7",
        "PAN-OS 11.2.6",
        "PAN-OS 11.2.5",
        "PAN-OS 11.2.4-h15",
        "PAN-OS 11.2.4-h14",
        "PAN-OS 11.2.4-h12",
        "PAN-OS 11.2.4-h11",
        "PAN-OS 11.2.4-h10",
        "PAN-OS 11.2.4-h9",
        "PAN-OS 11.2.4-h8",
        "PAN-OS 11.2.4-h7",
        "PAN-OS 11.2.4-h6",
        "PAN-OS 11.2.4-h5",
        "PAN-OS 11.2.4-h4",
        "PAN-OS 11.2.4-h3",
        "PAN-OS 11.2.4-h2",
        "PAN-OS 11.2.4-h1",
        "PAN-OS 11.2.4",
        "PAN-OS 11.2.3-h5",
        "PAN-OS 11.2.3-h4",
        "PAN-OS 11.2.3-h3",
        "PAN-OS 11.2.3-h2",
        "PAN-OS 11.2.3-h1",
        "PAN-OS 11.2.3",
        "PAN-OS 11.2.2-h2",
        "PAN-OS 11.2.2-h1",
        "PAN-OS 11.2.1-h1",
        "PAN-OS 11.2.1",
        "PAN-OS 11.2.0-h1",
        "PAN-OS 11.2.0",
        "PAN-OS 11.1.14",
        "PAN-OS 11.1.13-h3",
        "PAN-OS 11.1.13-h2",
        "PAN-OS 11.1.13-h1",
        "PAN-OS 11.1.13",
        "PAN-OS 11.1.12",
        "PAN-OS 11.1.11",
        "PAN-OS 11.1.10-h21",
        "PAN-OS 11.1.10-h12",
        "PAN-OS 11.1.10-h10",
        "PAN-OS 11.1.10-h9",
        "PAN-OS 11.1.10-h7",
        "PAN-OS 11.1.10-h5",
        "PAN-OS 11.1.10-h4",
        "PAN-OS 11.1.10-h1",
        "PAN-OS 11.1.10",
        "PAN-OS 11.1.9",
        "PAN-OS 11.1.8",
        "PAN-OS 11.1.6-h29",
        "PAN-OS 11.1.6-h25",
        "PAN-OS 11.1.6-h23",
        "PAN-OS 11.1.6-h22",
        "PAN-OS 11.1.6-h21",
        "PAN-OS 11.1.6-h20",
        "PAN-OS 11.1.6-h19",
        "PAN-OS 11.1.6-h18",
        "PAN-OS 11.1.6-h17",
        "PAN-OS 11.1.6-h14",
        "PAN-OS 11.1.6-h10",
        "PAN-OS 11.1.6-h7",
        "PAN-OS 11.1.6-h6",
        "PAN-OS 11.1.6-h4",
        "PAN-OS 11.1.6-h3",
        "PAN-OS 11.1.6-h2",
        "PAN-OS 11.1.6-h1",
        "PAN-OS 11.1.6",
        "PAN-OS 11.1.5-h1",
        "PAN-OS 11.1.5",
        "PAN-OS 11.1.4-h32",
        "PAN-OS 11.1.4-h27",
        "PAN-OS 11.1.4-h25",
        "PAN-OS 11.1.4-h18",
        "PAN-OS 11.1.4-h17",
        "PAN-OS 11.1.4-h15",
        "PAN-OS 11.1.4-h13",
        "PAN-OS 11.1.4-h12",
        "PAN-OS 11.1.4-h11",
        "PAN-OS 11.1.4-h10",
        "PAN-OS 11.1.4-h9",
        "PAN-OS 11.1.4-h8",
        "PAN-OS 11.1.4-h7",
        "PAN-OS 11.1.4-h6",
        "PAN-OS 11.1.4-h5",
        "PAN-OS 11.1.4-h4",
        "PAN-OS 11.1.4-h3",
        "PAN-OS 11.1.4-h2",
        "PAN-OS 11.1.4-h1",
        "PAN-OS 11.1.4",
        "PAN-OS 11.1.3-h13",
        "PAN-OS 11.1.3-h12",
        "PAN-OS 11.1.3-h11",
        "PAN-OS 11.1.3-h10",
        "PAN-OS 11.1.3-h9",
        "PAN-OS 11.1.3-h8",
        "PAN-OS 11.1.3-h7",
        "PAN-OS 11.1.3-h6",
        "PAN-OS 11.1.3-h5",
        "PAN-OS 11.1.3-h4",
        "PAN-OS 11.1.3-h3",
        "PAN-OS 11.1.3-h2",
        "PAN-OS 11.1.3-h1",
        "PAN-OS 11.1.3",
        "PAN-OS 11.1.2-h18",
        "PAN-OS 11.1.2-h17",
        "PAN-OS 11.1.2-h16",
        "PAN-OS 11.1.2-h15",
        "PAN-OS 11.1.2-h14",
        "PAN-OS 11.1.2-h13",
        "PAN-OS 11.1.2-h12",
        "PAN-OS 11.1.2-h11",
        "PAN-OS 11.1.2-h10",
        "PAN-OS 11.1.2-h9",
        "PAN-OS 11.1.2-h8",
        "PAN-OS 11.1.2-h7",
        "PAN-OS 11.1.2-h6",
        "PAN-OS 11.1.2-h5",
        "PAN-OS 11.1.2-h4",
        "PAN-OS 11.1.2-h3",
        "PAN-OS 11.1.2-h2",
        "PAN-OS 11.1.2-h1",
        "PAN-OS 11.1.2",
        "PAN-OS 11.1.1-h2",
        "PAN-OS 11.1.1-h1",
        "PAN-OS 11.1.1",
        "PAN-OS 11.1.0-h4",
        "PAN-OS 11.1.0-h3",
        "PAN-OS 11.1.0-h2",
        "PAN-OS 11.1.0-h1",
        "PAN-OS 11.1.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0263",
    "datePublished": "2026-05-13T17:47:05.198Z",
    "dateReserved": "2025-11-03T20:44:23.944Z",
    "dateUpdated": "2026-05-14T03:56:32.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0250 (GCVE-0-2026-0250)

Vulnerability from cvelistv5 – Published: 2026-05-13 18:26 – Updated: 2026-05-14 03:56
VLAI
Title
GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
Summary
A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks GlobalProtect App Affected: 6.3.0 , < 6.3.3-h9 (6.3.3-999) (custom)
Affected: 6.2.0 , < 6.2.8-h10 (6.2.8-948) (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Affected: 6.1 , < 6.1.13 (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Affected: 6.3.0 , < 6.3.3-h2 (6.3.3-42) (custom)
Affected: 6.0.0 , < 6.0.11 (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Affected: 6.0 , < 6.0.13 (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Affected: 6.0 , < 6.0.14 (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect UWP App Affected: 6.3 , < 6.3.3-h10 (custom)
Create a notification for this product.
Palo Alto Networks GlobalProtect App Unaffected: All (custom)
Create a notification for this product.
Date Public
2026-05-13 16:00
Credits
our internal security research teams
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0250",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-14T03:56:37.034Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "MacOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.3.3-h9 (6.3.3-999)",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.3.3-h9 (6.3.3-999)",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.2.8-h10 (6.2.8-948)",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.2.8-h10 (6.2.8-948)",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android",
            "Chrome OS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.1.13",
              "status": "affected",
              "version": "6.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.3.3-h2 (6.3.3-42)",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.3.3-h2 (6.3.3-42)",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.11",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "MacOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.0.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.13",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android",
            "Chrome OS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.14",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "GlobalProtect UWP App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.3.3-h10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.3.3-h10",
              "status": "affected",
              "version": "6.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "iOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:windows:*:*:*:*:*",
                  "versionEndExcluding": "6.3.3-h9_6.3.3-999_",
                  "versionStartIncluding": "6.3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:macos:*:*:*:*:*",
                  "versionEndExcluding": "6.3.3-h9_6.3.3-999_",
                  "versionStartIncluding": "6.3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:windows:*:*:*:*:*",
                  "versionEndExcluding": "6.2.8-h10_6.2.8-948_",
                  "versionStartIncluding": "6.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:macos:*:*:*:*:*",
                  "versionEndExcluding": "6.2.8-h10_6.2.8-948_",
                  "versionStartIncluding": "6.2.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:android:*:*:*:*:*",
                  "versionEndExcluding": "6.1.13",
                  "versionStartIncluding": "6.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:chrome_os:*:*:*:*:*",
                  "versionEndExcluding": "6.1.13",
                  "versionStartIncluding": "6.1",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:linux:*:*:*:*:*",
                  "versionEndExcluding": "6.3.3-h2_6.3.3-42_",
                  "versionStartIncluding": "6.3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:linux:*:*:*:*:*",
                  "versionEndExcluding": "6.0.11",
                  "versionStartIncluding": "6.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:windows:*:*:*:*:*",
                  "versionEndExcluding": "6.0.13",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:macos:*:*:*:*:*",
                  "versionEndExcluding": "6.0.13",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:android:*:*:*:*:*",
                  "versionEndExcluding": "6.0.14",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:chrome_os:*:*:*:*:*",
                  "versionEndExcluding": "6.0.14",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_uwp_app:*:*:windows:*:*:*:*:*",
                  "versionEndExcluding": "6.3.3-h10",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:all:*:ios:*:*:*:*:*",
                  "vulnerable": false
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "our internal security research teams"
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect\u2122 app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.\u003c/p\u003e\u003cp\u003eThe GlobalProtect app on iOS is not affected.\u003c/p\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect\u2122 app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.\n\n\n\nThe GlobalProtect app on iOS is not affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-540",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-540 Overread Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T18:26:51.927Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0250"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eMinor Version\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.3 on Windows\u003c/td\u003e\u003ctd\u003e6.3.0 through 6.3.3-h8\u003c/td\u003e\u003ctd\u003eUpgrade to 6.3.3-h9 (6.3.3-999) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on Windows\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.2.8-h9\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h10 (6.2.8-948) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Windows\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.12\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Linux\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.10\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.11 or later.\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2/6.3 on Linux\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.3.3-h1\u003c/td\u003e\u003ctd\u003eUpgrade to 6.3.3-h2 (6.3.3-42) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.3 on macOS\u003c/td\u003e\u003ctd\u003e6.3.0 through 6.3.3-h8\u003c/td\u003e\u003ctd\u003eUpgrade to 6.3.3-h9 (6.3.3-999) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on macOS\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.2.8-h9\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h10 (6.2.8-948) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.12\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on Android\u003c/td\u003e\u003ctd\u003e6.1.0 through 6.1.12\u003c/td\u003e\u003ctd\u003eUpgrade to 6.1.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Android\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.13\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on ChromeOS\u003c/td\u003e\u003ctd\u003e6.1.0 through 6.1.12\u003c/td\u003e\u003ctd\u003eUpgrade to 6.1.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on ChromeOS\u003c/td\u003e\u003ctd\u003e6.0.0 through 6.0.13\u003c/td\u003e\u003ctd\u003eUpgrade to 6.0.14 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect UWP App\u003c/td\u003e\u003ctd\u003e6.1.0 through 6.3.3-h9\u003c/td\u003e\u003ctd\u003eUpgrade to 6.3.3-h10 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003c/td\u003e\u003ctd\u003e\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "VERSION                              MINOR VERSION            SUGGESTED SOLUTION\nGlobalProtect App 6.3 on Windows     6.3.0 through 6.3.3-h8   Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.2 on Windows     6.2.0 through 6.2.8-h9   Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.0 on Windows     6.0.0 through 6.0.12     Upgrade to 6.0.13 or later.\nGlobalProtect App 6.0 on Linux       6.0.0 through 6.0.10     Upgrade to 6.0.11 or later. \nGlobalProtect App 6.2/6.3 on Linux   6.2.0 through 6.3.3-h1   Upgrade to 6.3.3-h2 (6.3.3-42) or later.\nGlobalProtect App 6.3 on macOS       6.3.0 through 6.3.3-h8   Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.2 on macOS       6.2.0 through 6.2.8-h9   Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.0 on macOS       6.0.0 through 6.0.12     Upgrade to 6.0.13 or later.\nGlobalProtect App 6.1 on Android     6.1.0 through 6.1.12     Upgrade to 6.1.13 or later.\nGlobalProtect App 6.0 on Android     6.0.0 through 6.0.13     Upgrade to 6.0.14 or later.\nGlobalProtect App 6.1 on ChromeOS    6.1.0 through 6.1.12     Upgrade to 6.1.13 or later.\nGlobalProtect App 6.0 on ChromeOS    6.0.0 through 6.0.13     Upgrade to 6.0.14 or later.\nGlobalProtect UWP App                6.1.0 through 6.3.3-h9   Upgrade to 6.3.3-h10 or later.\nGlobalProtect App on iOS                                      No action needed"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial Publication."
        }
      ],
      "title": "GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo known workarounds exist for this issue.\u003c/p\u003e"
            }
          ],
          "value": "No known workarounds exist for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0250",
    "datePublished": "2026-05-13T18:26:51.927Z",
    "dateReserved": "2025-11-03T20:44:11.022Z",
    "dateUpdated": "2026-05-14T03:56:37.034Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

GCVE-1-2026-0011

Vulnerability from gna-1 – Published: 2026-01-29 14:37 – Updated: 2026-01-29 14:39
VLAI
Summary
Out-of-bounds memory write in the network packet fragmentation and reassembly code in Electronic Arts Command & Conquer: Generals before latest community patches on Windows allows a remote unauthenticated attacker to cause memory corruption and potential remote code execution via specially crafted fragmented multiplayer network packets.
CWE
Assigner
References
URL Tags
https://www.atredis.com/blog/2026/1/26/generals third-party-advisory
Impacted products
Credits
Bryan Alexander

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Command \u0026 Conquer: Generals",
          "vendor": "EA Games",
          "versions": [
            {
              "status": "affected"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bryan Alexander"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Out-of-bounds memory write in the network packet fragmentation and reassembly code in Electronic Arts Command \u0026amp; Conquer: Generals before latest community patches on Windows allows a remote unauthenticated attacker to cause memory corruption and potential remote code execution via specially crafted fragmented multiplayer network packets."
            }
          ],
          "value": "Out-of-bounds memory write in the network packet fragmentation and reassembly code in Electronic Arts Command \u0026 Conquer: Generals before latest community patches on Windows allows a remote unauthenticated attacker to cause memory corruption and potential remote code execution via specially crafted fragmented multiplayer network packets."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "orgId": "00000000-0000-4000-9000-000000000000"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.atredis.com/blog/2026/1/26/generals"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "00000000-0000-4000-9000-000000000000",
    "datePublished": "2026-01-29T14:37:00.000Z",
    "dateUpdated": "2026-01-29T14:39:17.728822Z",
    "requesterUserId": "00000000-0000-4000-9000-000000000000",
    "serial": 1,
    "state": "PUBLISHED",
    "vulnId": "gcve-1-2026-0011",
    "vulnerabilitylookup_history": [
      [
        "andras.iklody@gmail.com",
        "2026-01-29T14:37:20.103009Z"
      ],
      [
        "andras.iklody@gmail.com",
        "2026-01-29T14:39:17.728822Z"
      ]
    ]
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GCVE-1-2026-0009

Vulnerability from gna-1 – Published: 2026-01-29 14:30 – Updated: 2026-01-29 14:30
VLAI
Summary
Stack-based buffer overflow in the multiplayer network packet handler in Electronic Arts Command & Conquer: Generals before latest community patches on Windows allows a remote unauthenticated attacker to execute arbitrary code via crafted NETCOMMANDTYPE_FILE UDP packets sent to the game’s multiplayer port.
CWE
Assigner
References
URL Tags
https://www.atredis.com/blog/2026/1/26/generals third-party-advisory
Impacted products
Credits
Bryan Alexander

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Command \u0026 Conquer: Generals",
          "vendor": "EA Games",
          "versions": [
            {
              "status": "affected"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bryan Alexander"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Stack-based buffer overflow in the multiplayer network packet handler in Electronic Arts Command \u0026amp; Conquer: Generals before latest community patches on Windows allows a remote unauthenticated attacker to execute arbitrary code via crafted NETCOMMANDTYPE_FILE UDP packets sent to the game\u2019s multiplayer port."
            }
          ],
          "value": "Stack-based buffer overflow in the multiplayer network packet handler in Electronic Arts Command \u0026 Conquer: Generals before latest community patches on Windows allows a remote unauthenticated attacker to execute arbitrary code via crafted NETCOMMANDTYPE_FILE UDP packets sent to the game\u2019s multiplayer port."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "orgId": "00000000-0000-4000-9000-000000000000"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.atredis.com/blog/2026/1/26/generals"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "00000000-0000-4000-9000-000000000000",
    "datePublished": "2026-01-29T14:30:38.596928Z",
    "dateUpdated": "2026-01-29T14:30:38.596928Z",
    "requesterUserId": "00000000-0000-4000-9000-000000000000",
    "serial": 1,
    "state": "PUBLISHED",
    "vulnId": "gcve-1-2026-0009",
    "vulnerabilitylookup_history": [
      [
        "andras.iklody@gmail.com",
        "2026-01-29T14:30:38.596928Z"
      ]
    ]
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, many languages that perform their own memory management, such as Java and Perl, are not subject to buffer overflows. Other languages, such as Ada and C#, typically provide overflow protection, but the protection can be disabled by the programmer.
  • Be wary that a language's interface to native code may still be subject to overflows, even if the language itself is theoretically safe.
Mitigation MIT-4.1
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • Examples include the Safe C String Library (SafeStr) by Messier and Viega [REF-57], and the Strsafe.h library from Microsoft [REF-56]. These libraries provide safer versions of overflow-prone string-handling functions.
Mitigation MIT-10
Operation Build and Compilation

Strategy: Environment Hardening

  • Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
  • D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation MIT-9
Implementation
  • Consider adhering to the following rules when allocating and managing an application's memory:
  • Double check that the buffer is as large as specified.
  • When using functions that accept a number of bytes to copy, such as strncpy(), be aware that if the destination buffer size is equal to the source buffer size, it may not NULL-terminate the string.
  • Check buffer boundaries if accessing the buffer in a loop and make sure there is no danger of writing past the allocated space.
  • If necessary, truncate all input strings to a reasonable length before passing them to the copy and concatenation functions.
Mitigation MIT-11
Operation Build and Compilation

Strategy: Environment Hardening

  • Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
  • Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
  • For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
Mitigation MIT-12
Operation

Strategy: Environment Hardening

  • Use a CPU and operating system that offers Data Execution Protection (using hardware NX or XD bits) or the equivalent techniques that simulate this feature in software, such as PaX [REF-60] [REF-61]. These techniques ensure that any instruction executed is exclusively at a memory address that is part of the code segment.
  • For more information on these techniques see D3-PSEP (Process Segment Execution Prevention) from D3FEND [REF-1336].
Mitigation MIT-13
Implementation

Replace unbounded copy functions with analogous functions that support length arguments, such as strcpy with strncpy. Create these if they are not available.

No CAPEC attack patterns related to this CWE.