IronMonkey Threat Research

SSA-967325: Multiple Vulnerabilities in Palo Alto Networks PAN-OS on RUGGEDCOM APE1808 Devices

CRITICAL
CVSS 10.0
Date 2026-06-09T00:00:00+00:00
Source siemens-productcert
Published by Siemens ProductCERT

// Description

Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet, available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.

[1] https://security.paloaltonetworks.com/

// Vulnerabilities (8)

| CVE ID | CVSS Score | Severity | Description |
|---|---|---|---|
| CVE-2026-0262 | 7.5 | high | Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to a dataplane interface. |
| CVE-2026-0265 | 9.8 | critical | An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. |
| CVE-2026-0300 | 10.0 | critical | A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. |
| CVE-2026-0258 | 8.2 | high | A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. |
| CVE-2026-0261 | 7.2 | high | Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. |
| CVE-2026-0256 | 5.2 | medium | A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. |
| CVE-2026-0257 | 9.3 | critical | Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allow an attacker to bypass security restrictions and establish an unauthorized VPN connection. |
| CVE-2026-0264 | 9.0 | critical | A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only). |

// Remediations

Mitigation: Disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users' browsers ingress.
Patch: Contact customer support to receive patch and update information.
Mitigation: Disable User-ID™ Authentication Portal if not required.
Mitigation: Restrict access to the User-ID Authentication Portal to trusted internal IP addresses only.

// References