Jump to the main content block
  1. Home
  2. Hot News

【Vulnerability Alert】Palo Alto Networks PAN-OS Has a Critical Cybersecurity Vulnerability (CVE-2026-0257)

publish date : 2026-06-05 update date : 2026-06-05

Source: Ministry of education information & communication security contingency platform

"" "" ""

Publication Number TACERT-ANA-2026060310063939 Publication Time 2026-06-03 10:22:40
Incident Type ANA-Vulnerability Alert Discovery Time 2026-06-03 10:22:40
Impact Level Low  
[Subject]
【Vulnerability Alert】Palo Alto Networks PAN-OS Has a Critical Cybersecurity Vulnerability (CVE-2026-0257)
[Content]

Forwarded from TWCERTCC Security Advisory TWCERTCC-200-202606-00000003

ITSM is a reliable and powerful IT service management solution under Ivanti, which can help organizations improve service efficiency and ensure IT operation compliance and security. Recently, a critical security advisory was released for Ivanti Neurons for ITSM (CVE-2026-9614, CVSS: 8.8). This vulnerability may allow an authenticated remote attacker to obtain system management access privileges.

Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed)
[Affected Platform]

PAN-OS versions earlier than 10.2.10-h36, not inclusive

PAN-OS versions earlier than 10.2.13-h21, not inclusive

PAN-OS versions earlier than 10.2.16-h7, not inclusive

PAN-OS versions earlier than 10.2.18-h6, not inclusive

PAN-OS versions earlier than 10.2.7-h34, not inclusive

PAN-OS versions earlier than 11.1.10-h25, not inclusive

PAN-OS versions earlier than 11.1.13-h5, not inclusive

PAN-OS versions earlier than 11.1.15, not inclusive

PAN-OS versions earlier than 11.1.4-h33, not inclusive

PAN-OS versions earlier than 11.1.6-h32, not inclusive

PAN-OS versions earlier than 11.1.7-h6, not inclusive

PAN-OS versions earlier than 11.2.10-h7, not inclusive

PAN-OS versions earlier than 11.2.12, not inclusive

PAN-OS versions earlier than 11.2.4-h17, not inclusive

PAN-OS versions earlier than 11.2.7-h14, not inclusive

PAN-OS versions earlier than 12.1.4-h6, not inclusive

PAN-OS versions earlier than 12.1.7, not inclusive

Prisma Access versions earlier than 10.2.10-h36, not inclusive

Prisma Access versions earlier than 11.2.7-h13, not inclusive
[Recommended Actions]

Apply patches according to the solution released on the official website:

https://security.paloaltonetworks.com/CVE-2026-0257

[Reference]
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center
Click Num:
Print