Select your country

Belgium

China

Denmark

France

Germany

Maghreb & West Africa

Netherlands

Norway

South Africa

Spain

Sweden

Switzerland

United Kingdom

Not finding what you are looking for, select your country from our regional selector:

Search

  1. Sweden
  2. Kunskap
  3. Nyheter
  4. Critical unpatched vulnerability in Palo Alto Networks PAN-OS' Captive Portal (CVE-2026-0300)
| News

Critical unpatched vulnerability in Palo Alto Networks PAN-OS' Captive Portal (CVE-2026-0300)

Nyheter

Share

On May 6, 2026, Palo Alto Networks disclosed a critical vulnerability in PAN-OS, tracked as CVE-2026-0300. This vulnerability allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls.

The vulnerability affects organizations that have the User-ID Authentication Portal, also known as the “Captive Portal”, enabled. While restricting access to this service to trusted internal IP addresses significantly reduces the exposure, it does not fully eliminate the risk.

Given the limited in-the-wild exploitation observed and that patches are scheduled for release only on May 13 and May 28, we strongly urge organizations to implement Palo Alto Networks' recommended mitigations, as detailed in the last section of this advisory. Orange Cyberdefense World Watch team assess the risk associated with this advisory as 4 out of 5.

 

Customers should refer to the vendor advisory for version-specific remediation timelines.

24/7 incident hotline