Black & White Path

May 11, 2026 · Information Security

State‑Sponsored Actors Gain Root on Palo Alto PAN‑OS via Captive Portal Buffer Overflow

A detailed analysis of CVE‑2026‑0300 reveals how a nation‑backed group exploited a buffer‑overflow in PAN‑OS's Captive Portal to obtain root on Palo Alto firewalls, outlining the attack chain, affected versions, immediate mitigations, long‑term remediation, compliance impacts, and lessons learned.