UpTrajectory Review

A critical zero-day vulnerability in Palo Alto Networks' PAN-OS firewall system has been identified, with reports indicating that suspected state-sponsored hackers have exploited it for nearly a month. This vulnerability, CVE-2026-0300, affects the User-ID Authentication Portal (also known as the Captive Portal) and allows attackers to execute code with root privileges on exposed firewalls without first logging in. With over 5,400 PAN-OS VM firewalls reportedly exposed to the internet, primarily in Asia and North America, the urgency for small business owners to act is clear.

For small business operators, this vulnerability poses a significant risk if your organization relies on PAN-OS firewalls. Take seriously the recommendation to restrict access to the Authentication Portal to trusted networks or to disable the feature entirely: an exposed portal could lead to a severe security breach. Security updates are expected to begin rolling out on May 13, so track their release and apply them promptly to safeguard your network.

“Palo Alto Networks is still working on security updates.” — CSO Online

Takeaway: Act now to restrict access to the Authentication Portal on your PAN-OS firewalls to trusted networks, or disable the feature, until updates are available.

From the original item — CSO Online:

Palo Alto Networks warns that a critical zero-day vulnerability has been discovered in the PAN-OS firewall system. The vulnerability has already been exploited by suspected state-sponsored hackers for nearly a month, reports Bleeping Computer.

The vulnerability, CVE-2026-0300, is located in the User-ID Authentication Portal (also known as the Captive Portal) and allows attackers to execute code with root privileges on exposed PA and VM series firewalls without first logging in.

The security organization Shadowserver estimates that over 5,400 PAN-OS VM firewalls are exposed to the internet, primarily in Asia and North America.

Palo Alto Networks is still working on security updates. These are expected to begin rolling out on May 13. Until then, customers are advised to restrict access to the Authentication Portal to trusted networks or disable the feature entirely.
