Trusted DesignAn unidentified threat actor is actively exploiting CVE-2026-0257, an authentication bypass vulnerability in PAN-OS GlobalProtect portal and gateway components. The flaw allows unauthorized attackers to circumvent security controls and initiate VPN connections. The vulnerability was added to CISA's Known Exploited Vulnerabilities catalog on May 29, 2026. Exploitation activity has been detected targeting GlobalProtect, with a small portion of probed devices successfully establishing VPN sessions. No post-access behavior or lateral movement has been identified. Organizations are advised to hunt for indicators including specific IP addresses, suspicious host IDs, and MAC addresses. Palo Alto Networks recommends following security advisory guidance, implementing available workarounds, and upgrading to patched versions.
Created: 2026-06-08
Indicatorsは見つかっていない。
類似するPulseは見つかりませんでした。
事実ベースの脅威アクターは見つかりませんでした。
推論ベースの脅威アクターは見つかりませんでした。
このPulseに見つかったCVEはありません。