en.Wedoany.com Reported - Palo Alto Networks warned on Friday that hackers are exploiting a vulnerability in its firewall software to bypass login authentication and remotely access protected systems. The vulnerability, designated as CVE-2026-0257, is classified as high severity. In an updated security advisory, Palo Alto Networks stated that limited exploitation attempts have been observed on unpatched PAN-OS devices where mitigation measures were not applied.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities Catalog (KEV) on Friday, requiring federal agencies to patch it promptly. Palo Alto Networks is one of the leading firewall vendors in the market, with its products used by the U.S. government and numerous critical infrastructure organizations. If successfully exploited, hackers could gain broad access to customer networks. CISA noted in its related warning that such vulnerabilities are common attack vectors for malicious cyber actors, posing significant risks to federal enterprises.

Security research firm Rapid7 stated that it has observed signs of exploitation since mid-May but has not yet found evidence of hackers successfully moving laterally from firewalls to other network devices. Rapid7 also pointed out that authentication bypasses in edge enterprise VPN devices could have severe impacts on affected organizations. Due to the critical role of Palo Alto Networks firewalls in network perimeter defense, hackers frequently target them. In May this year, the company disclosed another vulnerability in the PAN-OS authentication system, which CISA also added to the KEV catalog at that time.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com