PatchSiren

CVE-2026-0265 Palo Alto Networks CVE debrief

CVE-2026-0265 is an authentication bypass vulnerability in Palo Alto Networks PAN-OS software. This issue enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to best practice deployment guidelines [ref-4]. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Vendor: Palo Alto Networks
Product: Cloud NGFW
CVSS: HIGH 7.2
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-13
Original CVE updated: 2026-06-09
Advisory published: 2026-05-13
Advisory updated: 2026-06-09

Who should care

Administrators and security teams responsible for Palo Alto Networks PAN-OS software, specifically those using PA-Series and VM-Series firewalls and Panorama (virtual and M-Series) with Cloud Authentication Service (CAS) enabled.

Technical summary

An authentication bypass vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. This issue has a CVSS score of 7.2 and is classified as HIGH severity.

Defensive priority

High

Recommended defensive actions

  • Restrict access to the management web interface to only trusted internal IP addresses according to best practice deployment guidelines [ref-4].
  • Review and update PAN-OS software configurations to ensure secure authentication mechanisms are in place.
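One way to check the first action against an exported configuration, as an added example that is not code from PatchSiren or Palo Alto Networks. It assumes the export keeps the management interface allow list under `deviceconfig/system/permitted-ip`, that an empty list means source addresses are not restricted, and that `10.0.0.0/8` stands in for your trusted internal ranges; the sample configuration is constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample export, not taken from a real device.
SAMPLE_CONFIG = """
<config><devices><entry name="localhost.localdomain"><deviceconfig><system>
  <permitted-ip>
    <entry name="10.20.0.0/24"/>
    <entry name="203.0.113.7"/>
    <entry name="0.0.0.0/0"/>
  </permitted-ip>
</system></deviceconfig></entry></devices></config>
"""

# Assumed location of the management allow list in the exported XML.
PERMITTED_IP_PATH = "./devices/entry/deviceconfig/system/permitted-ip/entry"


def audit_permitted_ips(config_xml, trusted_ranges):
    """Return findings for management allow-list entries that are too broad."""
    trusted = [ipaddress.ip_network(r) for r in trusted_ranges]
    root = ET.fromstring(config_xml)
    entries = [e.get("name", "") for e in root.findall(PERMITTED_IP_PATH)]
    if not entries:
        # Assumption: with no entries, any source can reach management.
        return ["no permitted-ip entries: source addresses are not restricted"]
    findings = []
    for raw in entries:
        try:
            net = ipaddress.ip_network(raw, strict=False)
        except ValueError:
            findings.append(f"{raw}: not a valid address or prefix")
            continue
        if net.prefixlen == 0:
            findings.append(f"{raw}: matches every source address")
        elif not any(net.version == t.version and net.subnet_of(t)
                     for t in trusted):
            findings.append(f"{raw}: outside the trusted internal ranges")
    return findings


if __name__ == "__main__":
    for finding in audit_permitted_ips(SAMPLE_CONFIG, ["10.0.0.0/8"]):
        print(finding)
```

This covers only the allow list of the dedicated management interface; management access exposed through other interfaces needs its own review.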

Evidence notes

Vendor identified as Palo Alto Networks based on evidence from source references [ref-4].

Official resources

CVE-2026-0265 was published on 2026-05-13T18:16:14.693Z and modified on 2026-06-09T10:16:42.017Z.