Skip to main content
Blowfish
  1. posts/

CVE-2026-0257: Authentication Bypass in Palo Alto Networks PAN-OS GlobalProtect

·278 words·2 mins
Table of Contents

🇬🇧 English Version
#

TL;DR
#

A critical authentication bypass vulnerability (CVE-2026-0257) in Palo Alto Networks PAN-OS GlobalProtect portal and gateway allows unauthenticated attackers to bypass security restrictions and establish unauthorized VPN connections. The CVSS v4.0 score is 7.8 (HIGH). Panorama and Cloud NGFW are not affected.

What Happened
#

Palo Alto Networks disclosed an authentication bypass vulnerability in the GlobalProtect portal and gateway components of PAN-OS. This flaw enables an attacker to bypass security controls and create unauthorized VPN tunnels, potentially leading to network compromise.

Technical Details
#

  • CVE ID: CVE-2026-0257
  • Weakness Type: CWE-565 (Reliance on Cookies without Validation and Integrity Checking)
  • CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Red
  • Attack Vector: Network-based, low complexity, no privileges required, no user interaction.
  • Impact: Low confidentiality impact, no integrity or availability impact on the vulnerable system, but high confidentiality and integrity impact on subsequent systems (SC:H, SI:H).

Impact & Risk
#

The vulnerability allows an unauthenticated attacker to establish a VPN connection without proper authentication. This could lead to unauthorized access to internal resources, data exfiltration, or further lateral movement. The vulnerability is rated HIGH with a score of 7.8. It is listed in CISA’s Known Exploited Vulnerabilities catalog, indicating active exploitation.

Mitigation / Recommendations
#

  • Apply the security update provided by Palo Alto Networks immediately. Refer to the advisory at https://security.paloaltonetworks.com/CVE-2026-0257.
  • If immediate patching is not possible, consider restricting network access to the GlobalProtect portal and gateway from untrusted sources.
  • Monitor for unauthorized VPN connections and anomalous network activity.
  • Review and enforce least-privilege access controls.

References
#

🇹🇭 ฉบับภาษาไทย
#

ไม่มีเนื้อหาภาษาไทย

📋 ข้อมูลอ้างอิง
#

รายการข้อมูล
ระดับความรุนแรง🟠 High
แหล่งที่มา#
วันที่เผยแพร่2026-06-03
ภาษาต้นฉบับen

📌 บทความนี้สร้างโดย AI กรุณาตรวจสอบก่อน publish

อ่านบทความต้นฉบับ