Palo Alto Products Multiple Vulnerabilities

Severity Level: High

Date: 03/06/2026

Ref: CERT-NCSOC-0239

Components Affected

• GlobalProtect App 6.0 versions earlier than 6.0.11 on Linux
• GlobalProtect App 6.0 versions earlier than 6.0.13 on macOS and Windows
• GlobalProtect App 6.0 versions earlier than 6.0.14 on Android and ChromeOS
• GlobalProtect App 6.1 versions earlier than 6.1.13 on Android and ChromeOS
• GlobalProtect App 6.2 versions earlier than 6.2.8-h10 on macOS and Windows
• GlobalProtect App 6.3 versions earlier than 6.3.3-h2 on Linux
• GlobalProtect App 6.3 versions earlier than 6.3.3-h9 on macOS and Windows
• PAN-OS 10.2 versions earlier than 10.2.7-h34
• PAN-OS 10.2 versions earlier than 10.2.10-h36
• PAN-OS 10.2 versions earlier than 10.2.13-h21
• PAN-OS 10.2 versions earlier than 10.2.16-h7
• PAN-OS 10.2 versions earlier than 10.2.18-h6
• PAN-OS 11.1 versions earlier than 11.1.4-h33
• PAN-OS 11.1 versions earlier than 11.1.6-h32
• PAN-OS 11.1 versions earlier than 11.1.7-h6
• PAN-OS 11.1 versions earlier than 11.1.10-h25
• PAN-OS 11.1 versions earlier than 11.1.13-h5
• PAN-OS 11.1 versions earlier than 11.1.15
• PAN-OS 11.2 versions earlier than 11.2.4-h17
• PAN-OS 11.2 versions earlier than 11.2.7-h14
• PAN-OS 11.2 versions earlier than 11.2.10-h7
• PAN-OS 11.2 versions earlier than 11.2.12
• PAN-OS 12.1 versions earlier than 12.1.4-h6
• PAN-OS 12.1 versions earlier than 12.1.7
• Prisma Access 10.2.0 versions earlier than 10.2.10-h36
• Prisma Access 11.2.0 versions earlier than 11.2.7-h13

Overview

Multiple security vulnerabilities have been identified in Palo Alto Networks products. These vulnerabilities could allow attackers to gain unauthorized access, execute malicious code, elevate privileges, disrupt services, or bypass implemented security controls. Successful exploitation may affect the confidentiality, integrity, and availability of affected systems.

Description

CVE-2026-0257 is being actively exploited. Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of PAN-OS software allow an attacker to bypass security restrictions and establish unauthorized VPN connections.

Impact

• Remote Code Execution
• Denial of Service
• Security Restriction Bypass
• Cross-Site Scripting
• Elevation of Privilege

Solution / Workarounds

Before installation of the software, please visit the vendor's website for more details.

Apply fixes issued by the vendor:

• Palo Alto Security Advisories
• CVE-2026-0257 Advisory

Reference

• Palo Alto Security Advisory
• HKCERT Security Bulletin

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.