Exploitation for Priv-Esc × Palo Alto Networks PAN-OS

A publicly-reported instance of Exploitation for Priv-Esc bypassing Palo Alto Networks PAN-OS, recorded with its original source. Factual record; no assessment of any specific deployment.

Product

Palo Alto Networks PAN-OS

Technique

Exploitation for Priv-Esc

MITRE ATT&CK

T1068

Confidence

High

Severity

Critical

Status

in the wild

Disclosed

2026-06-01

Config / version noted

Not stated

Provenance

cyberscoop.com
disclosed 2026-06-01 · original source · via brave

Reported as

command injection vulnerability in the PAN-OS management web interface...allows unauthenticated attackers to execute commands with root privileges

Mechanism

The vulnerability resides in the PAN-OS management web interface and allows unauthenticated remote command injection, leading to root-level code execution on the firewall appliance.

Detection & mitigation

Monitor firewall management interface logs for unusual access patterns or command execution. Restrict management interface to trusted IPs and apply the vendor patch immediately.

Exploitation for Priv-Esc has also been recorded against

Apple Atlassian Bitdefender Broadcom (Symantec)Comodo Security ConnectWise CrowdStrike Elastic ESET F5 Fortinet Google

This is a record of a publicly-reported event, not an assessment of any specific organization's deployment. Detection and mitigation notes are drawn from the cited source. Where the source is silent, fields are omitted.