Skip to content

Palo Alto Networks PAN-OS: Multiple Vulnerabilities Enabling Code Execution

The Bottom Line: Multiple critical vulnerabilities in PAN-OS enable code execution and security bypass, requiring timely patching.

Palo Alto Networks has patched multiple vulnerabilities in PAN-OS that attackers can exploit for cross-site scripting, arbitrary code execution, security bypass, and denial-of-service attacks.

The Federal Office for Information Security (BSI) warns of multiple vulnerabilities in Palo Alto Networks PAN-OS (WID-SEC-2026-2261). The identified gaps enable attackers to conduct various attack scenarios: cross-site scripting attacks, arbitrary code execution, security mechanism bypass, data manipulation, disclosure of confidential information, and denial-of-service conditions.

For CISOs, this warning is critical: PAN-OS often operates perimeter security and is thus a direct target from outside. Code execution on these devices provides attackers with entry points into the network; the ability to bypass security mechanisms additionally jeopardizes protective measures such as access control or logging.

Immediate action required: Review of the current PAN-OS version status in your own environment, application of available patches, and if necessary, activation of workarounds if patching cannot be performed immediately. Network segmentation and enhanced monitoring of Palo Alto appliances are interim measures to mitigate risk.


Source: wid.cert-bund.de · Published July 9, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification via Lumi News Pipeline v1.7.3.

Share on: