目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2026-0288— PAN-OS User-ID 终端服务器智能体缓冲区溢出漏洞

AI 预测 8.6 利用难度: 较易 EPSS 0.52% · P41

影响版本矩阵 7

厂商产品版本范围状态
Palo Alto NetworksCloud NGFWAllunaffected
Palo Alto NetworksPAN-OS12.1.0< 12.1.8affected
11.2.0< 11.2.13affected
11.1.0< 11.1.16affected
10.2.0< 10.2.7-h36affected
Palo Alto NetworksPrisma Access11.2.0< 11.2.7-h18affected
10.2.0< 10.2.10-h39affected
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2026-0288 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. . Panorama is not impacted by this vulnerability.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
跨界内存写
来源: 美国国家漏洞数据库 NVD

受影响产品

厂商产品影响版本CPE订阅
Palo Alto NetworksCloud NGFW All -
Palo Alto NetworksPAN-OS 12.1.0 ~ 12.1.8 cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*
Palo Alto NetworksPrisma Access 11.2.0 ~ 11.2.7-h18 -

二、漏洞 CVE-2026-0288 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2026-0288 的情报信息

登录查看更多情报信息。

CVE-2026-0288 厂商安全公告 (2)

IV. Related Vulnerabilities

V. Comments for CVE-2026-0288

暂无评论


发表评论