CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 02, 2026

CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation - Cybersecurity Dive

Cybersecurity Dive Archived Jun 02, 2026 ✓ Full text saved

CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation Cybersecurity Dive

Full text archived locally
✦ AI Summary · Claude Sonnet


    DIVE BRIEF CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation The vulnerability in a vital defensive technology creates serious risks for federal networks, CISA said. Published June 1, 2026 Eric Geller Senior Reporter Share License Add us on Google Palo Alto Networks’ booth is seen on the show floor of the RSA Conference in San Francisco on April 27, 2023. Experts say hackers have begun exploiting a serious flaw in the company’s firewalls. Matt Kapko/Cybersecurity Dive Hackers are exploiting a software vulnerability in Palo Alto Networks’ firewalls to evade login requirements and remotely access protected systems, the company warned on Friday. “Palo Alto Networks has become aware of limited exploit attempts on unpatched PAN-OS devices without mitigations applied,” the company said in an update to its security advisory about the flaw, which is tracked as CVE-2026-0257. CISA on Friday added the high-severity bug to its Known Exploited Vulnerabilities catalog, which requires federal agencies to rapidly patch the flaw. The U.S. government and many critical infrastructure organizations use firewalls from Palo Alto Networks, which is one of the leading vendors in the marketplace. If hackers bypassed those firewalls’ protections, they could acquire sweeping access to customers’ networks. “This type of vulnerability is a frequent attack [vector] for malicious cyber actors and poses significant risks to the federal enterprise,” CISA said in its alert about the KEV addition. Researchers at Rapid7 said they observed exploitation beginning in mid-May but had not yet seen evidence of successful lateral movement from the firewalls to other network devices. Even so, Rapid7 said, “An authentication bypass in an edge-facing enterprise VPN appliance can have significant impact to affected organizations.” Hackers have frequently targeted Palo Alto Networks firewalls because of their essential role in defending the network perimeter. In May, the company disclosed another flaw in PAN-OS’s authentication system, which CISA also added to the KEV. Add us on Google Share PURCHASE LICENSING RIGHTS Filed Under: Vulnerability, Cyberattacks, Threats
    💬 Team Notes
    Article Info
    Source
    Cybersecurity Dive
    Category
    ◇ Industry News & Leadership
    Published
    Jun 02, 2026
    Archived
    Jun 02, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗