7.2

CVE-2026-0288

PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic.

The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. .

Panorama is not impacted by this vulnerability.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerPalo Alto Networks
Produkt Cloud NGFW
Default Statusaffected
Version All
Status unaffected
HerstellerPalo Alto Networks
Produkt PAN-OS
Default Statusunaffected
Version 12.1.0
Version < 12.1.8
Status affected
Version 11.2.0
Version < 11.2.13
Status affected
Version 11.1.0
Version < 11.1.16
Status affected
Version 10.2.0
Version < 10.2.7-h36
Status affected
HerstellerPalo Alto Networks
Produkt Prisma Access
Default Statusunaffected
Version 11.2.0
Version < 11.2.7-h18
Status affected
Version 10.2.0
Version < 10.2.10-h39
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.52% 0.407
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@paloaltonetworks.com 7.2 0 0
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Red
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.