HIGH 7.2

CVE-2026-0273: PAN-OS Command Injection Allows Root Access via Admin UI

A command injection flaw in Palo Alto Networks PAN-OS allows any authenticated administrator who can reach the CLI or web management interface to execute arbitrary commands with root privileges. The vulnerability affects PA-Series, VM-Series firewalls, and Panorama deployments, but not Cloud NGFW or Prisma Access. While the flaw requires legitimate admin credentials to exploit, an insider threat or compromised admin account could lead to complete system compromise. The risk is materially lower when CLI access is tightly restricted and the management interface is isolated to trusted internal networks only.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.2 HIGH · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Weaknesses (CWE)
CWE-78
Affected products
177 configuration(s)
Published / Modified
2026-06-10 / 2026-07-14

NVD description (verbatim)

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not affected by this vulnerability.

2 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

This is a CWE-78 OS command injection vulnerability present in the PAN-OS management plane. An authenticated principal with access to either the CLI or Web UI can craft input that bypasses system restrictions and executes arbitrary commands in the context of the root user. The attack has a network-based attack vector, requires high privileges (authenticated admin), and causes high impact across confidentiality, integrity, and availability. The vulnerability scores 7.2 (HIGH) under CVSS 3.1 due to the requirement for prior authentication, which restricts the attack surface but leaves privileged insiders and compromised credentials as critical risk factors.

Business impact

Successful exploitation could allow an attacker with admin credentials to gain unrestricted root-level control of critical perimeter infrastructure. This enables data exfiltration, configuration tampering, traffic inspection/hijacking, and denial of service. For organizations relying on Palo Alto firewalls as a foundational security control, compromise of the management plane translates to compromise of the entire security posture. The impact is especially severe if the attacker covers their tracks by modifying logs or disabling security rules. Organizations should treat this as a credential-hygiene and privileged-access-management issue as much as a patch issue.

Affected systems

PAN-OS running on PA-Series physical firewalls, VM-Series virtual instances, Panorama (including virtual and M-Series appliances). Cloud NGFW and Prisma Access deployments are not vulnerable. Any deployment with one or more of these systems in the network perimeter is potentially at risk if management access is not tightly controlled.

Exploitability

Exploitation requires valid administrative credentials and network-layer access to the management interface—either the CLI (SSH/telnet) or Web UI (HTTPS). An attacker cannot exploit this remotely without first compromising or socially engineering an admin account. However, the ease of command injection exploitation once authenticated, combined with the high-value nature of firewall admin access, makes this a realistic threat vector in insider and credential-compromise scenarios. The barrier to exploitation is authentication; the barrier to impact is minimal once inside.

Remediation

Apply vendor patches when released. In parallel, immediately audit administrative access: enforce multi-factor authentication on all admin accounts, rotate credentials, and review recent admin activity logs for anomalies. Restrict CLI and Web UI access by source IP to a hardened jump host or management network, and disable unnecessary management protocols. Implement role-based access control to limit administrative scope where feasible. Monitor for suspicious command-line activity and API calls originating from the management plane.

Patch guidance

Consult the Palo Alto Networks security advisory for affected PAN-OS versions and available patches. Patches will likely be released as minor or maintenance updates. Establish a phased rollout plan for production firewalls, testing in a staging environment first. Prioritize appliances with the highest exposure (those with broader admin access or internet-facing management). Verify patch installation by confirming the updated version in the system information dashboard.

Detection guidance

Monitor management interface access logs for unusual login times, geographic anomalies, or failed authentication bursts. Instrument firewall audit logs and syslog forwarding to detect command-line activity that appears out of policy (for example, shell meta-characters, redirects, or privilege escalation attempts in admin CLI sessions). Correlate access logs with identity directory changes or credential rotation events. SIEM rules should flag rapid CLI commands or API calls from a single session that modify security policies or export sensitive data.

Why prioritize this

This is a HIGH-severity flaw affecting core infrastructure. While authentication is required, the ease of exploitation post-compromise and the critical role of perimeter firewalls justify urgent remediation. Organizations with weak privileged-access controls or public-facing management interfaces should prioritize this above routine patches. The absence of KEV or active exploitation reports does not diminish urgency—this is a pre-emptive vulnerability that should be patched before adversaries recognize its value.

Risk score, explained

CVSS 7.2 (HIGH) reflects the combination of network accessibility, high-privilege requirement, and high impact (confidentiality, integrity, availability all compromised). The score is not CRITICAL because exploitation mandates prior authentication. However, the real-world risk may trend higher in organizations with poor credential hygiene, legacy privileged-access management, or widespread admin account sharing—factors not captured in CVSS but critical to risk assessment.

Frequently asked questions

Do I need to patch if my firewall management interface is only accessible from a hardened internal network?

Yes. While network isolation significantly reduces exploitability, it does not eliminate the vulnerability. Insider threats, compromised administrative accounts, and lateral movement from other breached systems remain viable attack paths. Patches address the root cause; isolation is a compensating control, not a substitute for patching.

Does this vulnerability affect Cloud NGFW or Prisma Access customers?

No. The advisory explicitly confirms that Cloud NGFW and Prisma Access are not affected. Only PAN-OS on PA-Series, VM-Series, and Panorama appliances are vulnerable. Cloud-managed products are out of scope.

What if we cannot apply patches immediately—what should we do?

Immediately restrict CLI and Web UI access to a minimal set of trusted IP addresses or a management network. Enforce MFA on all admin accounts. Disable unused management protocols (e.g., HTTP, unencrypted CLI). Increase monitoring of admin sessions for anomalous behavior. Request a timeline from Palo Alto Networks for patch availability and plan your rollout accordingly.

Could this be exploited by a non-admin user or via the data plane?

No. The vulnerability is restricted to the management plane and requires authenticated administrative privileges. Non-admin users, guest accounts, and attacks originating from the data plane (passing traffic through the firewall) cannot trigger this flaw.

This summary is derived from publicly available information and the CVE record as of the publication date. It does not constitute security advice specific to your organization or systems. Consult the official Palo Alto Networks security advisory, test all patches in a non-production environment before deployment, and engage your vendor for version-specific remediation guidance. Risk assessments must account for your unique deployment topology, access controls, and threat model. SEC.co makes no warranty regarding the completeness or accuracy of this analysis and is not liable for damages arising from its use or misuse. Source: NVD (public-domain), retrieved 2026-07-19. Analysis generated by SEC.co (claude-haiku-4-5).