CVE-2026-0272
Received Received - Intake
Privilege Escalation in Palo Alto PAN-OS

Publication date: 2026-06-10

Last updated on: 2026-06-10

Assigner: Palo Alto Networks, Inc.

Description
A privilege escalation vulnerability in Palo Alto Networks PAN-OSยฎ software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW, and Prismaยฎ Access are not impacted by this vulnerability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-10
Last Modified
2026-06-10
Generated
2026-06-11
AI Q&A
2026-06-11
EPSS Evaluated
N/A
NVD
CVE-2026-0272
EUVD
EUVD-2026-36148
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
palo_alto_networks pan-os *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify how this privilege escalation vulnerability in Palo Alto Networks PAN-OS software affects compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability involves privilege escalation for authenticated administrators with CLI access on Palo Alto Networks PAN-OS devices. Detection primarily involves verifying and restricting CLI access to trusted administrators and limiting management interface access to trusted internal IP addresses.

There are no specific commands or detection tools provided in the available information to directly detect exploitation of this vulnerability.

Best practices include auditing user accounts with CLI access, reviewing administrator privileges, and monitoring management interface access logs for unauthorized or unusual activity.

Executive Summary

This vulnerability is a privilege escalation issue in Palo Alto Networks PAN-OS software. It allows an authenticated administrator who has access to the Command Line Interface (CLI) to perform actions on the device with root privileges, which are the highest level of access.

The risk is reduced if CLI access is limited to a small group of administrators and if management interface access is restricted to trusted internal IP addresses, following recommended best practices.

This vulnerability affects PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series), but does not impact Cloud NGFW or Prisma Access.

Impact Analysis

If exploited, this vulnerability allows an authenticated administrator to gain root-level privileges on the affected device. This means they could perform any action on the device, potentially compromising its security and control.

The impact is significant because root privileges allow full control over the device, which could lead to unauthorized changes, data exposure, or disruption of network security functions.

However, the risk is significantly minimized if access to the CLI and management interface is properly restricted according to best practice guidelines.

Mitigation Strategies

To mitigate this privilege escalation vulnerability in Palo Alto Networks PAN-OS software, restrict CLI access to a limited group of administrators.

Additionally, restrict access to the management interface to only trusted internal IP addresses following Palo Alto Networks' recommended best practice deployment guidelines.

Chat Assistant
Ask questions about this CVE
Hi! Iโ€™m here to help you understand CVE-2026-0272. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart