"cve - 2026 - 0300 palo alto networks pan - os buffer overflow overview & takeaways palo alto networks has disclosed a critical zero - day vulnerability in pan - os, tracked as cve - 2026 - 0300, affecting pa - series and vm - series firewalls with the user - id authentication por…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
58%
"e. g., spawned child processes ) on affected firewalls. treat any internet - exposed instance with the portal enabled as potentially compromised pending mitigation or patch. mitigation patches are not yet available ; mitigations should be implemented immediately until patches can…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
54%
") in the user - id authentication portal ( captive portal ) service ; triggered by specially crafted network packets products and systems affected affected products : pa - series and vm - series firewalls running pan - os with user - id authentication portal enabled. prisma acces…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Palo Alto Networks has disclosed a critical zero-day vulnerability in PAN-OS, tracked as CVE-2026-0300, affecting PA-Series and VM-Series firewalls with the User-ID Authentication Portal (Captive Portal) enabled. The flaw is a pre-authentication buffer overflow that allows an unauthenticated, remote attacker to execute arbitrary code with root privileges on affected devices.