Palo Alto Networks
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Palo Alto Networks product.
RSS Feeds for Palo Alto Networks security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Palo Alto Networks products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Palo Alto Networks Sorted by Most Security Vulnerabilities since 2018
Palo Alto Networks PAN-OS176 vulnerabilities
PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls.
By the Year
In 2026 there have been 44 vulnerabilities in Palo Alto Networks. Last year, in 2025 Palo Alto Networks had 32 security vulnerabilities published. That is, 12 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 44 | 0.00 |
| 2025 | 32 | 6.12 |
| 2024 | 50 | 6.50 |
| 2023 | 15 | 5.39 |
| 2022 | 9 | 6.47 |
| 2021 | 30 | 6.56 |
| 2020 | 61 | 6.83 |
| 2019 | 24 | 6.79 |
| 2018 | 11 | 5.66 |
It may take a day or so for new Palo Alto Networks vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Palo Alto Networks Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-0274 | Jun 10, 2026 |
Improper credential validation in CommvaultSecurityIQ XSOAR integrationAn improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resources. |
Cortex Xsiam Commvaultsecurityiq Marketplace
Cortex Xsoar Commvaultsecurityiq Marketplace
|
| CVE-2026-0273 | Jun 10, 2026 |
PAN-OS Command Injection Escalation to Root via CLI/Web UIA command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability. |
PAN-OS
|
| CVE-2026-0272 | Jun 10, 2026 |
PALO ALTO PAN-OS CLI PrivEsc (CVE-2026-0272)A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW, and Prisma® Access are not impacted by this vulnerability. |
PAN-OS
|
| CVE-2026-0271 | Jun 10, 2026 |
Linux PE via Prisma Access Agent (Palo Alto)A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS. |
Prisma Access Agent
|
| CVE-2026-0270 | Jun 10, 2026 |
Path traversal in Palo Alto Cortex XSOAR (Linux) allows arbitrary file writeA path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle (MITM) attack, to write arbitrary files to the host. |
Cortex Xsoar
|
| CVE-2026-0269 | Jun 10, 2026 |
PAN-OS Tunnel MemCorrupt Reboot Exploit (Authenticated)A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability. |
PAN-OS
|
| CVE-2026-0268 | Jun 10, 2026 |
Prisma Access Agent Linux VPN Bypass for Local AttackerA security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS. |
Prisma Access Agent
|
| CVE-2026-0267 | Jun 10, 2026 |
GlobalProtect macOS Passcode Disclosure VulnerabilityAn information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the GlobalProtect app configuration would not normally permit them to do so. |
Globalprotect App
|
| CVE-2026-0266 | Jun 10, 2026 |
XSS in Palo Alto Networks PAN-OS UI Captures Authenticated Admin PayloadsA cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability. |
PAN-OS
|
| CVE-2026-0243 | May 13, 2026 |
DoS via crafted IPv6 packet on Palo Alto Prisma SD-WAN IONA denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet. |
Prisma Sd Wan Ion
|
| CVE-2026-0248 | May 13, 2026 |
Improper Cert Validation in Prisma Access Agent for Android Enables MitMAn improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information. The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected. |
Prisma Access Agent
|
| CVE-2026-0242 | May 13, 2026 |
SQLi in Trust Protection Foundation (TPF) enabling admin takeoverA SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an attacker to read sensitive data, modify database contents, and escalate privileges to gain full administrative control of the platform. |
Trust Protection Foundation
|
| CVE-2026-0244 | May 13, 2026 |
Improper Cert Validation in Palo Alto Networks Prisma SD-WAN ION Allows MitMAn improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller. |
Prisma Sd Wan Ion
|
| CVE-2026-0241 | May 13, 2026 |
Incorrect Auth Bypass in Palo Alto Trust Protection FoundationIncorrect Authorization vulnerabilities in Trust Protection Foundation allow attackers to bypass access controls and perform unauthorized actions on restricted resources. |
Trust Protection Foundation
|
| CVE-2026-0245 | May 13, 2026 |
Prisma Access Agent Local User Info DisclosureMultiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected. |
Prisma Access Agent
|
| CVE-2026-0240 | May 13, 2026 |
TPF CVE-2026-0240: Authenticated InfoDisclosure & PrivEsc via VaultAn information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings. |
Trust Protection Foundation
|
| CVE-2026-0246 | May 13, 2026 |
Prisma Access Agent Priv Escal to Root / SYSTEM (CVE-2026-0246)A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts. The Prisma Access Agent on iOS, Android and Chrome OS are not affected. |
Prisma Access Agent
|
| CVE-2026-0247 | May 13, 2026 |
Auth Bypass in Prisma Access Agent Endpoint DLP ComponentMultiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations. |
Prisma Access Agent
|
| CVE-2026-0249 | May 13, 2026 |
GlobalProtect CVE-2026-0249 Improper Cert Validation Traffic InterceptMultiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software. The GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected. |
Globalprotect App
|
| CVE-2026-0239 | May 13, 2026 |
Chronocollector Unauth Info Disclosure (CVE-2026-0239)An information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information. |
Chronosphere Chronocollector
|
| CVE-2026-0250 | May 13, 2026 |
Buffer Overflow in Palo Alto GlobalProtect Enables Code Exec (CVE-2026-0250)A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected. |
Globalprotect App
Globalprotect Uwp App
|
| CVE-2026-0238 | May 13, 2026 |
Authenticated Admin Injection in Palo Alto Broker VMA vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields. |
Broker Vm
|
| CVE-2026-0251 | May 13, 2026 |
Palo Alto GlobalProtect Local Priv Escal to SYSTEM/ROOTMultiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. |
Globalprotect App
|
| CVE-2026-0256 | May 13, 2026 |
PAN-OS Stored XSS via Web Interface on PA-Series/VM-Series & PanoramaA stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability. |
PAN-OS
|
| CVE-2026-0257 | May 13, 2026 |
Auth Bypass in PAN-OS GlobalProtect Portal/GatewayAuthentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues. |
PAN-OS
Prisma Access
|
| CVE-2026-0235 | May 13, 2026 |
Race Condition in Prisma Browser Allows Local User to Bypass PoliciesA race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies. |
Prisma Browser
|
| CVE-2026-0258 | May 13, 2026 |
PAN-OS SSRF via IKEv2 Unauthenticated AttackA server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. Panorama, Cloud NGFW and Prisma® Access are not impacted by these vulnerabilities. |
PAN-OS
|
| CVE-2026-0259 | May 13, 2026 |
Arbitrary File Read/Deletion in Palo Alto Networks WildFire WF-500An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The WildFire Appliance (WF-500, WF-500-B) software update is now available to customers that use the WildFire Appliance (WF-500, WF-500-B) for on-premise sandboxing. Please note that customers using the WildFire Public cloud service are NOT impacted by this vulnerability. |
Wildfire Wf 500 And Wf 500 B
|
| CVE-2026-0261 | May 13, 2026 |
Palo Alto PAN-OS Root CLI Command Injection CVE-2026-0261Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by these vulnerabilities. |
PAN-OS
|
| CVE-2026-0236 | May 13, 2026 |
Code Injection via AppleScript in Palo Alto Prisma Browser (macOS)A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser. |
Prisma Browser
|
| CVE-2026-0262 | May 13, 2026 |
DoS via Crafted Traffic in Palo Alto PAN-OS Network OSMultiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities. |
PAN-OS
Prisma Access
|
| CVE-2026-0237 | May 13, 2026 |
Palo Alto Networks Prisma Browser Auth CmdInv via AutoBr (CVE-2026-0237)An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls. |
Prisma Browser
|
| CVE-2026-0263 | May 13, 2026 |
Pan-OS IKEv2 Buffer Overflow Enables RCEA buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition. Panorama, Cloud NGFW, and Prisma® Access are not impacted by these vulnerabilities. |
PAN-OS
|
| CVE-2026-0264 | May 13, 2026 |
PAN-OS DNS Buffer Overflow DoS / Remote Code ExecA buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only). Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability. |
PAN-OS
|
| CVE-2026-0265 | May 13, 2026 |
PAN-OS CAS Auth Bypass (CVE-2026-0265)An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability. |
PAN-OS
|
| CVE-2026-0300 | May 06, 2026 |
PAN-OS User-ID Auth Captive Po Buffer Overflow Root Code ExecA buffer overflow vulnerability in the User-ID Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability. |
PAN-OS
|
| CVE-2026-0232 | Apr 13, 2026 |
Cortex XDR Agent Admin Bypass: Local Admin Can Disable Agent ProtectionA problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection. |
Cortex Xdr Agent
|
| CVE-2026-0233 | Apr 13, 2026 |
Palo Alto Autonomous Digital Experience Manager Windows Cert Validation RCEA certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges. |
Autonomous Digital Experience Manager
|
| CVE-2026-0234 | Apr 13, 2026 |
Improper Cert Sig Verif in Palo Alto Cortex XSOAR/XSIAM Teams IntegrationAn improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources. |
Cortex Xsoar Microsoft Teams Marketplace
Cortex Xsiam Microsoft Teams Marketplace
|
| CVE-2026-0231 | Mar 11, 2026 |
Cortex XDR Broker VM Info Disclosure via UI (CVE-2026-0231)An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broker VM to exploit this issue. |
Cortex Xdr Broker Vm
|
| CVE-2026-0230 | Mar 11, 2026 |
Local Admin Can Disable Palo Alto Cortex XDR on macOSA problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection. |
Cortex Xdr Agent
|
| CVE-2026-0229 | Feb 11, 2026 |
PAN-OS ADNS DoS via Malicious Packet Causing System RebootA denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Cloud NGFW and Prisma Access® are not impacted by this vulnerability. |
PAN-OS
|
| CVE-2026-0228 | Feb 11, 2026 |
PAN-OS Improper Cert Validation Lets Windows TS Agents Use Expired CertsAn improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so. |
PAN-OS
Prisma Access
|
| CVE-2026-0227 | Jan 15, 2026 |
PAN-OS DoS via Maintenance Mode TriggerA vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode. |
PAN-OS
Prisma Access
|
| CVE-2025-4618 | Nov 14, 2025 |
Sensitive Info Disclosure in Palo Alto Prisma BrowserA sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser. Browser self-protection should be enabled to mitigate this issue. |
Prisma Browser
|
| CVE-2025-4617 | Nov 14, 2025 |
Prisma Browser Windows Screenshot Bypass via Local AuthAn insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the browser. Browser self-protection should be enabled to mitigate this issue. |
Prisma Browser
|
| CVE-2025-4616 | Nov 14, 2025 |
Palo Alto Prisma Browser: Local non-admin can bypass via input val flawAn insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to revert the browsers security controls. |
Prisma Browser
|
| CVE-2025-4619 | Nov 13, 2025 |
Palo Alto PAN-OS DoS Reboot via DataPlane PacketA denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, and Prisma® Access software. This issue does not affect Cloud NGFW. We have successfully completed the Prisma Access upgrade for all customers, with the exception of those facing issues such as conflicting maintenance windows. Remaining customers will be promptly scheduled for an upgrade through our standard upgrade process. |
PAN-OS
Prisma Access
|
| CVE-2025-4615 | Oct 09, 2025 |
Authenticated Admin Bypass in PANOS Web UI CVE20254615An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability. |
PAN-OS
Prisma Access
|
| CVE-2025-4614 | Oct 09, 2025 |
PAN-OS session token leakage allows admin impersonation (CVE20254614)An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability. |
PAN-OS
|