Critical PAN-OS Vulnerability Allows Remote Code Execution

Palo Alto Networks has identified a critical vulnerability in its PAN-OS software, designated as CVE-2026-0288, which could permit unauthenticated attackers to execute arbitrary code or induce a denial-of-service (DoS) condition by transmitting specially crafted network traffic. This flaw has been assigned a CVSS-B score of 9.2, indicating a high severity level, and the company has labeled it with the highest urgency rating.

The root cause of this vulnerability lies in multiple buffer overflow issues within the User-ID Terminal Server Agent (TSA) component of PAN-OS. An attacker with network access to the TSA’s IP and port can exploit these flaws without requiring authentication or user interaction. Successful exploitation may lead to memory corruption, potentially resulting in remote code execution or service crashes.

Devices are vulnerable if they have at least one Terminal Server Agent entry configured, which can be found under Device > User Identification > Terminal Server Agents. Notably, Panorama and Cloud NGFW on AWS are not affected by this issue.

Affected Versions and Risk Assessment

The vulnerability impacts several PAN-OS versions:

  • PAN-OS 12.1: Versions prior to 12.1.4-h8, 12.1.7-h2, or 12.1.8
  • PAN-OS 11.2: Versions before 11.2.4-h20, 11.2.7-h18, 11.2.10-h12, or 11.2.13
  • PAN-OS 11.1: Versions before 11.1.4-h35 through 11.1.16 (multiple hotfix branches)
  • PAN-OS 10.2: Versions before 10.2.7-h36 through 10.2.18-h8
  • Prisma Access 11.2.0 and 10.2.0: Rated medium severity due to authentication requirements

The severity of the risk varies based on exposure. Devices with TSA exposed to the internet or untrusted networks face a high severity rating (CVSS-B 9.2), while those restricting TSA access to trusted internal IPs have a reduced risk (CVSS-B 7.7). As of now, Palo Alto Networks reports no known active exploitation of this vulnerability.

Recommended Actions

Palo Alto Networks strongly advises immediate patching across all affected versions. Specific fixed versions vary by minor release, and detailed information is available in the company’s advisory. For Prisma Access customers, upgrades will be implemented during scheduled maintenance cycles, though on-demand upgrades can be requested through support channels.

As a temporary mitigation measure, organizations should restrict User-ID Terminal Server Agent connectivity to trusted internal IP addresses only. This approach aligns with Palo Alto Networks’ best-practice deployment guidelines and significantly reduces the attack surface even before patches are applied.

This vulnerability was responsibly disclosed by security researcher Liang Zhu, who has been credited by Palo Alto Networks for the discovery. Given the network-based attack vector, low complexity, and lack of required privileges, organizations with exposed TSA configurations should prioritize patching immediately to safeguard their systems.

In the broader context, this incident underscores the critical importance of timely vulnerability management and the need for organizations to maintain strict access controls, especially for components like the Terminal Server Agent. Proactive measures, such as regular software updates and adherence to best-practice deployment guidelines, are essential in mitigating potential security risks.