TECH NEWS

Palo Alto warns of critical firewall flaw, tells users a patch is on the way

https://cdn.mos.cms.futurecdn.net/5rDPr5xYvLwnkP7ZvpR2w3-2122-80.jpg
  • A critical buffer overflow flaw (CVE‑2026‑0300) in PAN‑OS User‑ID Authentication Portal is under limited exploitation
  • The bug allows unauthenticated code execution with root privileges on exposed firewalls
  • Palo Alto advised restricting portals to trusted networks; fixes are due May 13, 2026

PAN-OS User-ID Authentication Portal, a feature in Palo Alto Networks firewalls that identifies and authenticates users on a network, contains a critical-severity zero-day vulnerability which is being exploited in limited attacks, the company has warned.

The bug is described as a buffer overflow weakness that allows unauthenticated threat actors to run arbitrary code with root privileges on PA-Series and VM-Series firewalls via specially crafted packets.

It is tracked as CVE-2026-0300 and was given a severity score of 9.3/10 (critical). It only works against endpoints that are exposed to the public internet.

Guidance and patches

"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals that are exposed...

Copyright of this story solely belongs to techradar.com. To see the full text click HERE

Read more

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iQxnL5D7fN3Y/v0/1200x800.jpg

Alibaba's T-Head unveils the Zhenwu M890 AI chip for training and inference, saying it is particularly suited for agentic tasks, and plans annual upgrades

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data
https://images.ft.com/v3/image/raw/https%3A%2F%2Fcms-image-bucket-productionv3-ap-northeast-1-a7d2.s3.ap-northeast-1.amazonaws.com%2Fimages%2F7%2F9%2F2%2F6%2F12516297-1-eng-GB%2F7f4ecf3f98...

SkyeChip becomes the first Malaysian chip design company to IPO on the Bursa Malaysia exchange, surging 300%+; the company was valued at ~$397M at its IPO price

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data