Palo Alto warns of critical firewall flaw, tells users a patch is on the way

  • A critical buffer overflow flaw (CVE‑2026‑0300) in PAN‑OS User‑ID Authentication Portal is under limited exploitation
  • The bug allows unauthenticated code execution with root privileges on exposed firewalls
  • Palo Alto advised restricting portals to trusted networks; fixes are due May 13, 2026

PAN-OS User-ID Authentication Portal, a feature in Palo Alto Networks firewalls that identifies and authenticates users on a network, contains a critical-severity zero-day vulnerability which is being exploited in limited attacks, the company has warned.

The bug is described as a buffer overflow weakness that allows unauthenticated threat actors to run arbitrary code with root privileges on PA-Series and VM-Series firewalls via specially crafted packets.

It is tracked as CVE-2026-0300 and was given a severity score of 9.3/10 (critical). It only works against endpoints that are exposed to the public internet.

Guidance and patches

"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals that are exposed...

Copyright of this story solely belongs to techradar.com.
