PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

Description

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

Affected Products

Vendor	Product	Versions
palo alto	cloud ngfw	12.1.0, 11.2.0, 11.1.0, 10.2.0

References

https://security.paloaltonetworks.com/CVE-2026-0300(vendor-advisory)

Related News (1 articles)

Tier C

VulDB3h ago

CVE-2026-0300 | Palo Alto Cloud NGFW/PAN-OS/Prisma Access out-of-bounds write

→ No new info (linked only)

PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (2)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History