Critical Buffer Overflow Vulnerabilities in PAN-OS Affecting Firewalls

Critical Buffer Overflow Vulnerabilities in PAN-OS Affecting Firewalls

First seen 13 May 2026, 20:06 UTC Security.Paloaltonetworkscwe.mitre.orgcapec.mitre.org 87% similarity 70.5

Article Content

Browse articles
ThreatCluster

Palo Alto Networks disclosed two critical buffer overflow vulnerabilities in PAN-OS on May 13, 2026. CVE-2026-0264 allows unauthenticated attackers to cause a denial of service or execute arbitrary code on PA-Series hardware. CVE-2026-0263 also enables remote code execution with elevated privileges via IKEv2 processing. Both vulnerabilities require specific configurations to be exploitable, including enabled DNS Proxy or IKEv2 VPN tunnels with Post Quantum Cryptography. The risk is highest for PA-Series hardware, while Panorama, Cloud NGFW, and Prisma Access are unaffected. Palo Alto Networks has not reported any known exploitation of these vulnerabilities. Users are advised to upgrade to the latest PAN-OS versions to mitigate risks.

Key Points: • CVE-2026-0264 allows DoS or arbitrary code execution on PA-Series hardware. • CVE-2026-0263 enables remote code execution via IKEv2 processing. • Both vulnerabilities are not exploitable on Panorama, Cloud NGFW, or Prisma Access.

ThreatCluster AI

Timeline

2026-05-13
CVE-2026-0264 published
A buffer overflow in PAN-OS allows DoS and potential arbitrary code execution on PA-Series hardware.
Security.Paloaltonetworks
2026-05-13
CVE-2026-0263 published
A buffer overflow in IKEv2 processing enables remote code execution with elevated privileges on PAN-OS.
Security.Paloaltonetworks

Community

Browse all →