Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

The Hacker News·15. Juni 2026, 06:17

Originalartikel lesen bei The Hacker News

Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals. The vulnerability in question is CVE-2026-0257 (CVSS score: 7.8), an authentication bypass flaw...

MITRE ATT&CK Kill Chain (1 Techniken)

Reconnaissance

T1592.002

Software

Vollständigen Artikel lesen bei The Hacker News

11 Quellen berichten

Primärquellen

CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Current Activity · vor 21 Tagen
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Current Activity · vor 19 Tagen
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Current Activity · vor 16 Tagen
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Current Activity · vor 15 Tagen
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Current Activity · vor 14 Tagen
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
Unit 42 · vor 12 Tagen

Weitere Quellen

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
The Hacker News · vor 18 Tagen
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
The Hacker News · vor 15 Tagen
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
The Hacker News · vor 15 Tagen
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
The Hacker News · vor 14 Tagen

Erwähnte CVEs (1)

CVE-2026-0257CRITICAL(9.1)

KEVEPSS 19%

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.

Details NVD

MITRE ATT&CK Kill Chain (1 Techniken)

Verwandte Artikel