PALO ALTO: Security Advisory: Medium Severity Command Injection in PAN-OS

PALO ALTO Security Advisory

Published Date: June 11, 2026

CVE: CVE-2026-0273

Advisory Summary

Palo Alto Networks has disclosed a medium severity vulnerability identified as CVE-2026-0273 that affects PAN-OS. This flaw allows authenticated administrators to execute command injection attacks via the CLI or Web UI interfaces. Exploiting this vulnerability could enable unauthorized command execution, potentially leading to partial compromise of network security controls managed by PAN-OS devices.

• Requires authenticated admin access, limiting exposure to internal or trusted users.
• Attack vectors include both command-line interface and graphical Web UI, increasing potential attack surfaces.
• Successful exploitation can disrupt firewall and related security functions managed by PAN-OS.

• Immediately review and apply the security patches released by Palo Alto Networks.
• Monitor administrative access logs for suspicious activities.
• Limit admin access and enforce strict authentication policies to reduce risk.

This vulnerability highlights the critical need for vigilant access management and timely patch application in complex network environments utilizing PAN-OS infrastructure.

🔗

Reference: Vendor Advisory