Print - 【Vulnerability Alert】 A Critical Security Vulnerability Exists in Palo Alto Cortex XSIAM / XSOAR (CVE-2026-0234)

【Vulnerability Alert】 A Critical Security Vulnerability Exists in Palo Alto Cortex XSIAM / XSOAR (CVE-2026-0234)

publish date : 2026-04-13 update date : 2026-04-13

Source: Ministry of education information & communication security contingency platform

"" "" ""


Publication Number	TACERT-ANA-2026041002044949	Publication Time	2026/04/10 14:35
Incident Type	ANA-Vulnerability Alert	Discovery Time	2026/04/10 14:35
Impact Level	Low
[Subject] 【Vulnerability Alert】 A Critical Security Vulnerability Exists in Palo Alto Cortex XSIAM / XSOAR (CVE-2026-0234)
[Content] Forwarded from TWCERTCC-200-202604-00000010 Recently, Palo Alto Networks released a critical security advisory (CVE-2026-0234, CVSS: 8.8). When Cortex XSOAR and Cortex XSIAM are integrated with Microsoft Teams, an improper cryptographic signature vulnerability exists, which may allow an unauthenticated attacker to access or tamper with protected resources. (Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform] Cortex XSIAM Microsoft Teams Marketplace versions earlier than 1.5.52 (excluding 1.5.52) Cortex XSOAR Microsoft Teams Marketplace versions earlier than 1.5.52 (excluding 1.5.52)
[Recommended Actions] Cortex XSIAM Microsoft Teams Marketplace version 1.5.52 or later (inclusive) Cortex XSOAR Microsoft Teams Marketplace version 1.5.52 or later (inclusive)
[Reference] https://www.twcert.org.tw/tw/cp-169-10830-9aaae-1.html

(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw

Organizer: Computer Center