CVE-2026-0273
MediumCVSS 6.1Exploitation Probability (EPSS)
Low risk49th percentile — higher than 49% of all known CVEs
Summary
A command injection vulnerability in PAN-OS® allows an authenticated administrator to bypass system restrictions and execute arbitrary commands as a root user. Exploiting this issue requires access to the PAN-OS CLI or Web UI.
Risk Assessment
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and when access to the management web interface is limited to trusted internal IP addresses.
Recommendation
It is recommended to restrict access to the CLI and web interface to trusted administrators and IP addresses according to best practice deployment guidelines.
Original NVD description (English source)
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.

