PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
CVE-2026-0272

5.6MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 10 June 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0272?

A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges.

The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).

Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Affected Version(s)

PAN-OS 12.1.0 < 12.1.4-h7

PAN-OS 11.2.0 < 11.2.4-h18

PAN-OS 11.1.0 < 11.1.4-h34

References

https://security.paloaltonetworks.com/CVE-2026-0272

vendor-advisory

CVSS V4

Score:

5.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jun 10, 2026
Vulnerability published
Jun 10, 2026
Vulnerability Reserved
Nov 3, 2025

Credit

Palo Alto Networks thanks an external reporter, Frigo, for discovering and reporting this issue.

CVE-2026-0272 Data

JSON