CVE-2026-0288

HIGH

PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Title source: cna
STIX 2.1

Description

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. . Panorama is not impacted by this vulnerability.

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory
https://security.paloaltonetworks.com/CVE-2026-PAN-323400
https://security.paloaltonetworks.com/CVE-2026-0288

Scores

CVSS v3 7.5
EPSS 0.0056
EPSS Percentile 42.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (9)
Palo Alto Networks/Cloud NGFW All
Palo Alto Networks/PAN-OS 10.2.0 - 10.2.7-h36
Palo Alto Networks/PAN-OS 11.1.0 - 11.1.16
Palo Alto Networks/PAN-OS 11.2.0 - 11.2.13
Palo Alto Networks/PAN-OS 12.1.0 - 12.1.8
Palo Alto Networks/Prisma Access 10.2.0 - 10.2.10-h39
Palo Alto Networks/Prisma Access 11.2.0 - 11.2.7-h18
paloaltonetworks/pan-os 10.2.7 (28 CPE variants)
paloaltonetworks/pan-os 10.2.10 (15 CPE variants)
Published Jul 08, 2026
Tracked Since Jul 09, 2026