A zero-day vulnerability, tracked as CVE-2026-0300, has been discovered in the Captive Portal service of Palo Alto Networks' PAN-OS software, affecting PA and VM series firewalls. Attackers are actively exploiting the flaw to compromise firewalls. The vulnerability is currently under discussion, with its exploitation status determining the urgency of the patch. Palo Alto Networks is set to release a patch to address the issue. The Captive Portal service, which allows guests to access a network, is the specific component affected by CVE-2026-0300. The vulnerability poses a significant risk to organizations relying on Palo Alto firewalls, as it could allow unauthorized access to their networks, and its active exploitation highlights the need for prompt action. For practitioners, what matters is that they must closely monitor the situation and apply the patch as soon as it is available to prevent potential breaches.
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
⚠️ Critical Alert
Why This Matters
CVE-2026-0300 is in active discussion involving Palo Alto — exploitation status determines whether this is patch-now or monitor.
References
- SecurityWeek. (2026, May 6). Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls. SecurityWeek. https://www.securityweek.com/palo-alto-networks-to-patch-zero-day-exploited-to-hack-firewalls/