1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Rapid7 observes new Palo Alto VPN flaw exploited in the wild to b

    From TechnologyDaily@1337:1/100 to All on Tuesday, June 02, 2026 16:15:25
    Rapid7 observes new Palo Alto VPN flaw exploited in the wild to bypass GlobalProtect authentication

    Date:
    Tue, 02 Jun 2026 15:00:00 +0000

    Description:
    A flaw fixed last month is now being used in real-life attacks, and security researchers are urging users to patch.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Critical PANOS flaw exploited
    in the wild Authentication bypass enables unauthorized VPN access CISA added CVE20260257 to KEV catalog A recently discovered vulnerability in PAN-OS, the operating system powering Palo Altos firewalls , is being actively exploited in the wild, researchers are saying, urging customers to apply the provided patch as soon as possible.

    In mid-May this year, Palo Alto disclosed an authentication bypass flaw in
    the Global Protect portal and gateway that allows threat actors to work
    around security restrictions and establish an unauthorized VPN connection.
    The bug is now tracked as CVE-2026-0257, and assigned a severity score of 9.1/10 (critical). Earlier this week, security researchers Rapid7 said they saw threat actors successfully leveraging this bug in attacks: Rapid7 MDR identified successful exploitation across numerous customers, however we did not observe any indication of successful lateral movement from the devices, Rapid7 said in its report. The earliest date for observed exploitation was
    May 17, 2026. As of May 29, 2026, this vulnerability has been added to the CISA KEV. Latest Videos From Watch full video here: You may like Palo Alto warns of critical firewall flaw, tells users a patch is on the way Fortinet patches FortiGate Firewall vulnerabilities that allowed hackers to steal enterprise credentials This Wing FTP Server flaw is being actively exploited in attacks CISA says mitigate now Added to CISA's KEV The news also prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to add the bug to its Known Exploited Vulnerabilities (KEV) catalog, giving Federal Civilian Executive Branch (FCEB) agencies a deadline to patch up or stop using PAN-OS-powered devices entirely.

    Initially, the bug was given a medium-severity score, but since it escalated into real-life attacks, the rating has been elevated as well:

    "Palo Alto Networks has become aware of limited exploit attempts on unpatched PAN-OS devices without mitigations applied," the company said.

    Different versions of PAN-OS are affected: 12.1 versions earlier than 12.1.4-h6 or 12.1.7, 11.2 versions earlier than 11.2.4-h17, 11.2.7-h14, 11.2.10-h7, or 11.2.12, 11.1 versions earlier than 11.1.4-h33, 11.1.6-h32, 11.1.7-h6, 11.1.10-h25, 11.1.13-h5, or 11.1.15, and 10.2 versions earlier
    than 10.2.7-h34, 10.2.10-h36, 10.2.13-h21, 10.2.16-h7, or 10.2.18-h6. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
    your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Prisma Access 10.2 and 11.2 deployments running vulnerable releases are also vulnerable. Palo Alto issued a staggered patch schedule starting May 15,
    2026, with additional updates rolling out through May 2829, 2026 depending on the PAN-OS version.

    Via The Register The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/rapid7-observes-new-palo-alto-vpn-flaw- exploited-in-the-wild-to-bypass-globalprotect-authentication


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)