CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries: 1,619
Ransomware Use: 327
Overdue: 1,615
Vendors: 266
Products: 655
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented:
- Restrict User-ID Authentication Portal access to only trusted zones.
- Disable User-ID Authentication Portal if not required.
5/13/2026: Palo Alto has released a variety of patches. If these are relevant to your environment, please apply the designated patch.
Palo Alto Networks PAN-OS File Read Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interfaces for affected devices should not be exposed to untrusted networks, including the internet.
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, the management interface for affected devices should not be exposed to untrusted networks, including the internet.
Palo Alto Networks Expedition SQL Injection Vulnerability
Palo Alto Networks · Expedition
Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks Expedition OS Command Injection Vulnerability
Palo Alto Networks · Expedition
Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks Expedition Missing Authentication Vulnerability
Palo Alto Networks · Expedition
Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to take over an Expedition admin account and potentially access configuration secrets, credentials, and other data.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Palo Alto Networks PAN-OS Command Injection Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.
Required Action
Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.
Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
Palo Alto Networks · PAN-OS
A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.
Required Action
Apply updates per vendor instructions.
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.
Required Action
Apply updates per vendor instructions.
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks · PAN-OS
Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
Required Action
Apply updates per vendor instructions.
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Palo Alto Networks · PAN-OS
Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.
Required Action
Apply updates per vendor instructions.