
Critical Buffer Overflow Vulnerabilities in PAN-OS Affecting Firewalls

Severity: High (Score: 70.5)

Sources: Security.Paloaltonetworks, cwe.mitre.org, capec.mitre.org

Summary

Palo Alto Networks disclosed two critical buffer overflow vulnerabilities in PAN-OS on May 13, 2026. CVE-2026-0264 allows unauthenticated attackers to cause a denial of service or execute arbitrary code on PA-Series hardware. CVE-2026-0263 also enables remote code execution with elevated privileges via IKEv2 processing. Both vulnerabilities require specific configurations to be exploitable, including enabled DNS Proxy or IKEv2 VPN tunnels with Post Quantum Cryptography. The risk is highest for PA-Series hardware, while Panorama, Cloud NGFW, and Prisma Access are unaffected. Palo Alto Networks has not reported any known exploitation of these vulnerabilities. Users are advised to upgrade to the latest PAN-OS versions to mitigate risks.

Key Points:

  • CVE-2026-0264 allows DoS or arbitrary code execution on PA-Series hardware.
  • CVE-2026-0263 enables remote code execution via IKEv2 processing.
  • Both vulnerabilities are not exploitable on Panorama, Cloud NGFW, or Prisma Access.

Key Entities

  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • Zero-day Exploit (attack_type)
  • CVE-2026-0263 (cve)
  • CVE-2026-0264 (cve)
  • CWE-120 - Classic Buffer Overflow (cwe)
  • CWE-122 - Heap-based Buffer Overflow (cwe)
  • CWE-125 - Out-of-bounds Read (cwe)
  • CWE-131 - Incorrect Calculation of Buffer Size (cwe)
  • CWE-193 - Off-by-one Error (cwe)
  • T1203 - Exploitation for Client Execution (mitre_attack)
  • Cloud NGFW (platform)
  • Linux (platform)
  • Panorama (platform)
  • PAN-OS (platform)
  • PA-Series (platform)