Sunday , July 12 2026
Palo Alto

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security problems for Palo Alto Networks products and over 500 issues that Google recently fixed in Chromium, which is used for the Prisma browser.
The worst of the new fixes is CVE-2026-0288. It has a high severity and urgency rating. This CVE involves several buffer overflows in PAN-OS software that runs Palo Alto’s firewalls.
An attacker without permission who can access the network can make the firewall stop working and possibly run code by sending specific network messages.
The vulnerability seems serious, but the risk of being exploited is reduced if organizations use best practices and only allow trusted internal IP addresses to access the User-ID Terminal Server Agent (TSA).
Seven of the new security fixes have a medium severity level. Five of these bugs affect PAN-OS. They can be used to cause a DoS problem, run any OS commands as root, make unauthorized requests from the firewall to internal services, steal information, and skip authentication. The more serious problems need the attacker to be logged in as an admin.
The medium-level flaws affect Prisma Access Agent. They can be used for MitM attacks, allowing people to intercept VPN traffic and get around DLP policy rules.
Five weaknesses have a low severity score, but some are moderately urgent. They can let someone gain higher access, run code through XSS attacks, get around firewall rules, delete files, and reveal information.
Palo Alto says it doesn’t know of any attacks using these weaknesses. But it’s common for bad actors to go after problems in the company’s products, so organizations should install the newest updates.
Some of the new flaws were found by outside researchers, but the cybersecurity company said it has discovered many more flaws inside because of its AI use.

Check Also

SharePoint

CISA KEV Adds SharePoint RCE CVE-2026-45659 After Active Exploits

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a serious problem affecting Microsoft SharePoint …