Print - 【Vulnerability Alert】Palo Alto Networks PAN-OS Has a Critical Cybersecurity Vulnerability (CVE-2026-0257)

【Vulnerability Alert】Palo Alto Networks PAN-OS Has a Critical Cybersecurity Vulnerability (CVE-2026-0257)

publish date : 2026-06-05 update date : 2026-06-05

Source: Ministry of education information & communication security contingency platform

"" "" ""


Publication Number	TACERT-ANA-2026060310063939	Publication Time	2026-06-03 10:22:40
Incident Type	ANA-Vulnerability Alert	Discovery Time	2026-06-03 10:22:40
Impact Level	Low
[Subject] 【Vulnerability Alert】Palo Alto Networks PAN-OS Has a Critical Cybersecurity Vulnerability (CVE-2026-0257)
[Content] Forwarded from TWCERTCC Security Advisory TWCERTCC-200-202606-00000003 ITSM is a reliable and powerful IT service management solution under Ivanti, which can help organizations improve service efficiency and ensure IT operation compliance and security. Recently, a critical security advisory was released for Ivanti Neurons for ITSM (CVE-2026-9614, CVSS: 8.8). This vulnerability may allow an authenticated remote attacker to obtain system management access privileges. Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed)
[Affected Platform] PAN-OS versions earlier than 10.2.10-h36, not inclusive PAN-OS versions earlier than 10.2.13-h21, not inclusive PAN-OS versions earlier than 10.2.16-h7, not inclusive PAN-OS versions earlier than 10.2.18-h6, not inclusive PAN-OS versions earlier than 10.2.7-h34, not inclusive PAN-OS versions earlier than 11.1.10-h25, not inclusive PAN-OS versions earlier than 11.1.13-h5, not inclusive PAN-OS versions earlier than 11.1.15, not inclusive PAN-OS versions earlier than 11.1.4-h33, not inclusive PAN-OS versions earlier than 11.1.6-h32, not inclusive PAN-OS versions earlier than 11.1.7-h6, not inclusive PAN-OS versions earlier than 11.2.10-h7, not inclusive PAN-OS versions earlier than 11.2.12, not inclusive PAN-OS versions earlier than 11.2.4-h17, not inclusive PAN-OS versions earlier than 11.2.7-h14, not inclusive PAN-OS versions earlier than 12.1.4-h6, not inclusive PAN-OS versions earlier than 12.1.7, not inclusive Prisma Access versions earlier than 10.2.10-h36, not inclusive Prisma Access versions earlier than 11.2.7-h13, not inclusive
[Recommended Actions] Apply patches according to the solution released on the official website: https://security.paloaltonetworks.com/CVE-2026-0257
[Reference]

(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw

Organizer: Computer Center