—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

Multiple Vulnerabilities in PAN-OS

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

    PAN-OS 12.1 versions prior to 12.1.4-h5 and 12.1.7 
    PAN-OS 11.2 versions prior to 11.2.4-h17, 11.2.7-h13, 11.2.10-h6 and 11.2.12 
    PAN-OS 11.1 versions prior to 11.1.4-h33, 11.1.6-h32, 11.1.7-h6, 11.1.10-h25, 11.1.13-h5 and 11.1.15 
    PAN-OS 10.2 versions prior to 10.2.7-h34, 10.2.10-h36, 10.2.13-h21, 10.2.16-h7 and 10.2.18-h6 
    Prisma Access 11.2.0 versions prior to 11.2.7-h13*
    Prisma Access 10.2.0 versions prior to 10.2.10-h36*

Overview

Multiple vulnerabilities have been reported in Palo Alto Networks PAN-OS that could allow an authenticated or unauthenticated attacker to bypass security restrictions, cause denial-of-service (DoS) conditions, bypass authentication mechanisms, or execute arbitrary code with elevated privileges on the targeted system.

Target Audience:
Organizations, Enterprises, Managed Security Service Providers using PAN-OS based PA-Series and VM-Series firewalls.

Risk Assessment:
High risk of unauthorized access, remote code execution, system compromise, or service disruption.

Impact Assessment:
Potential for compromise of confidentiality, integrity and availability of affected systems and network infrastructure.

Description

Palo Alto Networks PAN-OS is a network security operating system designed for PA-Series and VM-Series firewalls, providing enterprise-grade network security and threat prevention capabilities.

Multiple vulnerabilities have been identified in Palo Alto Networks PAN-OS due to improper input validation, insufficient authentication checks and memory handling issues.

Successful exploitation of these vulnerabilities could allow an authenticated or unauthenticated attacker to bypass security restrictions, cause denial-of-service (DoS) conditions, bypass authentication mechanisms, or execute arbitrary code with elevated privileges on the targeted system.

Solution

Apply appropriate security updates as mentioned in:
https://security.paloaltonetworks.com/CVE-2026-0261

https://security.paloaltonetworks.com/CVE-2026-0262

https://security.paloaltonetworks.com/CVE-2026-0263

https://security.paloaltonetworks.com/CVE-2026-0264

https://security.paloaltonetworks.com/CVE-2026-0265

Vendor Information

Palo Alto
https://security.paloaltonetworks.com/

References

 
https://security.paloaltonetworks.com/CVE-2026-0261
https://security.paloaltonetworks.com/CVE-2026-0262
https://security.paloaltonetworks.com/CVE-2026-0263
https://security.paloaltonetworks.com/CVE-2026-0264
https://security.paloaltonetworks.com/CVE-2026-0265

CVE Name
CVE-2026-0261
CVE-2026-0262
CVE-2026-0263
CVE-2026-0264
CVE-2026-0265

– — 

Thanks and Regards,
CERT-In

Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQJPBAEBCAA5FiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmoJa28bFIAAAAAABAAO
bWFudTIsMi41KzEuMTIsMiwxAAoJEN4woHEnXMrPX00QAI1027xGd6C3s1AIvfCA
NsFaEeYbhj9bnm5HXi4wT1/JbHt+xQSVQzh0RlO88nTXSPE8h9Lf3seZxR4cd8TO
+xhj+N985tqlMO3zaned9/3TN42BaDvxF3Lg+RgyqEcPgPx0ROVkWdW5MHLjrBM3
8WT2g3lrE79svB2nMmlLf54sY8zGl6yBhf045WDainKRzMotYaFdP0g1PpAQi3zH
nXjulQUy7T3G7SY2cGU4jwUW73Zspx4Z70KRa74srBIm1krCcR2DBWWfYv0rgkX4
jzdNz1tgCgvS3v+UJUhRaNFG1LEawvQ+ciYfNMNm0FbCA/Wv9O5y6/XtQpbafYT9
QlP4hKFiVG5rmbzaGxrMixTlq6VaPG9bKvUs7OuK7Gy0Lbx2jI5+63Vc3Qp8DNyU
zNISmHbINxdYm2T6tIJTSSnnYvOAzgX5GyqzZWkCuWkLMMY6r7Ljyfan8ttC1R1A
bEI6BkiLiOiSFu4tD32gOOhl0sEDSR8NAowQRQp8W+FMa4YpxFhaUYY3hFi66LRQ
2k/Uf86EoFgbeqD4D2glRf8zVYhrvtCQGaYx+9azU0hzg1jp+gf/OFRuq6QsxoLU
Ynhs31mU34cJSk2zkHOyHZLd8YcxOc0q8va6H0TVcfDyCN/QoeggxvIcZe827gDR
lWzcGubjEamw821j1BoKk8g1
=MZdA
—–END PGP SIGNATURE—–