Palo Alto Networks PAN-OS vulnerabilities
170 known vulnerabilities affecting palo_alto_networks/pan-os.
Total CVEs: 170
CISA KEV: 10 (actively exploited)
Public exploits: 9
Exploited in wild: 11
Severity breakdown: CRITICAL 14, HIGH 70, MEDIUM 73, LOW 13
Vulnerabilities
Page 3 of 9
CVE-2026-0263 | P3 | HIGH | CVSS 7.2 | CWE-787 | ≥ 12.1.0, < 12.1.7, 12.1.4-h5; ≥ 11.2.0, < 11.2.12, 11.2.10-h6, 11.2.7-h13, 11.2.4-h17; +1 more | 2026-05-13
A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition.
Panorama, Cloud NGFW, and Prisma® Access are not impacted by these vulnerabilities.
nvd
CVE-2024-3383 | P3 | CRITICAL | CVSS 9.1 | CWE-282 | ≥ 11.0.0, < 11.0.3; ≥ 10.2.0, < 10.2.5; +1 more | 2024-04-10
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.
nvd
CVE-2020-2037 | P3 | HIGH | CVSS 7.2 | CWE-78 | ≥ 8.1, < 8.1.16; ≥ 9.0, < 9.0.10; +1 more | 2020-09-09
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.
nvd
CVE-2025-4231 | P3 | HIGH | CVSS 7.2 | CWE-77 | ≥ 11.0.0, < 11.0.3; ≥ 10.2.0, < 10.2.8; +1 more | 2025-06-13
A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.
The attacker must have network access to the management web interface and successfully authenticate to exploit this issue.
Cloud NGFW and Prisma Access are not impacted by this vulnerability.
nvd
CVE-2020-2000 | P3 | HIGH | CVSS 7.2 | CWE-20 | ≥ 8.1, < 8.1.16; ≥ 9.0, < 9.0.10; +2 more | 2020-11-12
An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0
nvd
CVE-2019-1572 | P3 | HIGH | CVSS 7.5 | vPAN-OS 9.0.0 | 2019-03-26
PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files.
nvd
CVE-2020-2030 | P3 | HIGH | CVSS 7.2 | CWE-78 | v8.0.*; v7.1.*; +1 more | 2020-07-08
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access servi
nvd
CVE-2020-2010 | P3 | HIGH | CVSS 7.2 | CWE-78 | v8.0.*; v7.1.*; +2 more | 2020-05-13
An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.
nvd
CVE-2020-2029 | P3 | HIGH | CVSS 7.2 | CWE-78 | v8.0.*; ≥ 7.1, < 7.1.26; +1 more | 2020-06-10
An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions of PAN-OS 8.0; PAN-OS 7.1 versions earlier than PAN-OS 7.1.
nvd
CVE-2024-8686 | P3 | HIGH | CVSS 7.2 | CWE-78 | v11.2.2 | 2024-09-11
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.
nvd
CVE-2024-0008 | P3 | HIGH | CVSS 8.8 | CWE-613 | ≥ 9.0, < 9.0.17-h2; ≥ 9.0, < 9.0.18; +7 more | 2024-02-14
Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access.
nvd
CVE-2020-2028 | P3 | HIGH | CVSS 7.2 | CWE-78 | v7.1.*; v8.0.*; +2 more | 2020-06-10
An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS
nvd
CVE-2020-2002 | P3 | HIGH | CVSS 8.1 | CWE-290 | v8.0.*; ≥ 8.1, < 8.1.13; +2 more | 2020-05-13
An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle t
nvd
CVE-2020-2007 | P3 | HIGH | CVSS 7.2 | CWE-78 | v7.1.*; v8.0.*; +2 more | 2020-05-13
An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. This issue affects: All PAN-OS 7.1 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.
nvd
CVE-2020-2009 | P3 | HIGH | CVSS 7.2 | CWE-73 | v7.1.*; v8.0.*; +2 more | 2020-05-13
An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue a
nvd
CVE-2021-3058 | P3 | HIGH | CVSS 7.2 | CWE-78 | ≥ 10.1, < 10.1.3; ≥ 9.0, < 9.0.14-h3; +3 more | 2021-11-10
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use the XML API to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.
nvd
CVE-2021-3061 | P3 | HIGH | CVSS 7.2 | CWE-78 | ≥ 8.1, < 8.1.20-h1; ≥ 9.0, < 9.0.14-h3; +3 more | 2021-11-10
An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versi
nvd
CVE-2025-4230 | P3 | HIGH | CVSS 8.4 | CWE-78 | ≥ 11.2.0, < 11.2.6; ≥ 11.1.0, < 11.1.10; +2 more | 2025-06-13
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.
The security risk posed by this issue is significantly minimized when CLI access is restric
nvd
CVE-2020-2008 | P3 | HIGH | CVSS 7.2 | CWE-73 | v8.0.*; v7.1.*; +1 more | 2020-05-13
An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions e
nvd
CVE-2020-2027 | P3 | HIGH | CVSS 7.2 | CWE-121 | v7.1.*; v8.0.*; +2 more | 2020-06-10
A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than
nvd