Palo Alto Networks published an out-of-band advisory on May 30 covering CVE-2026-0257, an authentication bypass affecting the GlobalProtect portal and gateway components of PAN-OS. The vendor confirms in the official security advisory that limited exploit attempts have already been observed against unpatched devices, and it rates the issue 7.8 on the CVSS v3.1 scale. The flaw lives in how PAN-OS generates and validates authentication override cookies, the same cookies that let GlobalProtect users skip a full auth round trip on subsequent connections.
The surprising detail is not the score; it is the exposure surface. The bug only triggers on firewalls that have authentication override cookies enabled and a specific certificate configuration in place, which keeps Cloud NGFW and Panorama out of scope entirely. That narrows the blast radius, but it also means many operators will assume they are safe without actually checking the relevant Network > GlobalProtect > Portals and Gateways tabs. The advisory is explicit that this is a CWE-565 cookie integrity failure, so once an attacker forges a valid override cookie they walk straight past the login flow and stand up an unauthorized VPN session.
The cookie forgery path and what it actually grants
GlobalProtect supports a feature called authentication override, which issues a signed cookie after a successful login so that mobile clients do not have to re-authenticate against SAML or LDAP on every reconnect. The advisory describes the issue as reliance on cookies without proper validation and integrity checking, which in plain terms means an unauthenticated network attacker can present a crafted cookie that the gateway accepts as legitimate. The attack vector is network, complexity is low, and no user interaction is required.
What the attacker gets is a working VPN session with whatever entitlements the impersonated user holds. That is not root on the firewall and it is not arbitrary command execution, but it is a clean, logged-in foothold inside whatever network segments the GlobalProtect tunnel reaches. For most enterprises that is the internal corporate network, and for many it is the path into Active Directory, file shares, and the management VLANs that host the firewall itself. Confidentiality and integrity impact are rated HIGH in the advisory; availability is NONE.
The patch matrix is unusually fragmented
Fixed builds ship across four PAN-OS trains. On 12.1, the fix lands in 12.1.4-h6 or 12.1.7. On 11.2, operators need 11.2.4-h17, 11.2.7-h14, 11.2.10-h7, or 11.2.12 depending on their current minor. The 11.1 train carries five different hotfix targets (11.1.4-h33, 11.1.6-h32, 11.1.7-h6, 11.1.10-h25, 11.1.13-h5) before consolidating at 11.1.15. The 10.2 train similarly fans out across five hotfixes ending at 10.2.18-h6. Cloud NGFW is not affected, and Prisma Access is being upgraded by Palo Alto on the standard maintenance cadence.
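The fan-out above is easy to misread by eye, so here is a small version checker, added for this write-up and not vendor tooling, that encodes the fixed builds listed above and tells you whether a running PAN-OS build is at or past its fix point. It assumes the last entry in each train is the consolidating release, that a maintenance release without its own listed hotfix must move to the next listed target above it, and it knows the 10.2 train only by its final hotfix because the other 10.2 targets are not enumerated above.

```python
import re
from typing import Dict, List, Tuple

# Fixed builds per PAN-OS train, as listed in the advisory summary above.
# The 10.2 train is represented only by its final hotfix (10.2.18-h6)
# because the other 10.2 hotfix targets are not enumerated on this page.
FIXED_BUILDS: Dict[str, List[str]] = {
    "12.1": ["12.1.4-h6", "12.1.7"],
    "11.2": ["11.2.4-h17", "11.2.7-h14", "11.2.10-h7", "11.2.12"],
    "11.1": ["11.1.4-h33", "11.1.6-h32", "11.1.7-h6", "11.1.10-h25",
             "11.1.13-h5", "11.1.15"],
    "10.2": ["10.2.18-h6"],
}

_VER = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_version(v: str) -> Tuple[int, int, int, int]:
    """Split 'major.minor.maint[-hN]' into a comparable tuple (hotfix defaults to 0)."""
    m = _VER.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {v!r}")
    major, minor, maint, hotfix = m.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)

def check_version(version: str) -> Tuple[bool, str]:
    """Return (is_fixed, advice) for a running PAN-OS version string."""
    major, minor, maint, hotfix = parse_version(version)
    train = f"{major}.{minor}"
    targets = FIXED_BUILDS.get(train)
    if targets is None:
        return False, f"train {train} is not in the fix matrix; consult the vendor advisory"
    parsed = [parse_version(t) for t in targets]
    # Assumption: the last entry of each train is the consolidating release,
    # and every maintenance release from there on carries the fix.
    if maint >= parsed[-1][2]:
        return True, "fixed"
    for (_, _, t_maint, t_hotfix), label in zip(parsed, targets):
        if t_maint == maint:  # same maintenance release: compare hotfix level
            if hotfix >= t_hotfix:
                return True, "fixed"
            return False, f"upgrade to {label}"
    # Assumption: a maintenance release with no listed hotfix of its own
    # moves to the next listed target above it.
    nxt = next(label for (_, _, t_maint, _), label in zip(parsed, targets)
               if t_maint > maint)
    return False, f"no hotfix for {train}.{maint}; upgrade to {nxt}"
```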
One operational detail buried in the advisory matters for change windows. After upgrading, all override cookies are regenerated under a stronger scheme, which forces every GlobalProtect user to re-authenticate once. That is a one-time event, but it lands as a help desk spike at 9 am the morning after the patch, so plan staffing accordingly.
Mitigations that buy time without breaking remote work
For shops that cannot patch tonight, Palo Alto recommends generating a dedicated certificate used exclusively for signing authentication override cookies, with no reuse against portal, gateway, or any other PAN-OS feature. That tightens the integrity boundary enough to block the known exploit path. The other option is to disable authentication override entirely, which works but tanks the mobile user experience because every reconnect now requires a full IdP round trip.
Restricting management plane reachability to a jump host range is still good hygiene, but it does not close this specific bug because the vulnerable endpoints sit on the data plane GlobalProtect interface, which by definition has to be reachable from the public internet.
What this means for CTOs running PAN-OS at the edge
We treat any GlobalProtect auth bypass as a five-alarm event, and CVE-2026-0257 is no exception. The CVSS 7.8 rating undersells the operational reality for any organisation where GlobalProtect is the primary remote access path, because a forged session is indistinguishable from a real one in your SIEM until you go looking for it. The concrete decision for the next 48 hours is straightforward. If you run PAN-OS 10.2, 11.1, 11.2, or 12.1 with authentication override enabled, schedule the hotfix into tonight's change window, accept the morning re-auth spike, and budget two analyst days to hunt for anomalous GlobalProtect sessions over the past two weeks.
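One concrete place to start that hunt follows from how the feature works: an override cookie is only ever issued after a successful full login, so a cookie-authenticated session with no preceding full IdP login by that user inside the cookie's lifetime has no legitimate origin. The script below is an added illustration for this write-up, not vendor code; it assumes you can export per-session records carrying timestamp, user, source IP, and whether the session used full authentication or an override cookie (the record layout and field names here are hypothetical, the sample lines are constructed, and the 14-day lifetime is an assumption you should replace with your configured cookie lifetime).

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List

FULL_AUTH = {"saml", "ldap"}   # methods that mean the IdP actually saw the user

@dataclass
class GPEvent:
    ts: datetime
    user: str
    src_ip: str
    auth: str  # "saml"/"ldap" for a full login, "cookie" for auth override

# Constructed sample records, not real PAN-OS log output. Layout is
# hypothetical: timestamp,user,source_ip,auth_method
SAMPLE = """\
2026-05-01T09:00:00,carol,192.0.2.5,ldap
2026-05-20T08:01:00,alice,203.0.113.10,saml
2026-05-21T07:55:00,alice,203.0.113.10,cookie
2026-05-22T03:12:00,bob,198.51.100.7,cookie
2026-05-23T09:30:00,alice,203.0.113.20,cookie
2026-05-29T10:00:00,carol,192.0.2.5,cookie
"""

def parse_events(text: str) -> List[GPEvent]:
    """Parse the constructed CSV-style records into GPEvent objects."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, src_ip, auth = line.split(",")
        events.append(GPEvent(datetime.fromisoformat(ts), user, src_ip, auth))
    return events

def find_orphan_cookie_sessions(events: List[GPEvent],
                                cookie_lifetime: timedelta = timedelta(days=14)
                                ) -> List[GPEvent]:
    """Cookie sessions with no full login by the same user within cookie_lifetime before them.

    A legitimate override cookie is minted by a full login, so a cookie session
    without one is either a stale/replayed cookie or a forged one and deserves review.
    """
    last_full: Dict[str, datetime] = {}
    flagged: List[GPEvent] = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.auth in FULL_AUTH:
            last_full[ev.user] = ev.ts
        elif ev.auth == "cookie":
            issued = last_full.get(ev.user)
            if issued is None or ev.ts - issued > cookie_lifetime:
                flagged.append(ev)
    return flagged
```

Mobile users roaming between addresses will legitimately show cookie sessions from new source IPs, so this check keys on the missing issuing login rather than on IP changes.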
For boards and audit committees, the question to put to the security team this week is specific: do we have authentication override cookies enabled, on which gateways, and what is the dedicated signing certificate posture today? If the answer is that the same cert is used across portal, gateway, and override, that is a configuration debt item that should have been closed years ago, and this CVE is the forcing function.
Vendors that depend on PAN-OS at the edge for SaaS delivery should expect customer questionnaires within the week. Have the patched build number, the certificate separation status, and the GlobalProtect session audit summary ready to send, because procurement teams will ask, and the customers who do not ask are the ones to worry about.
The 14-day window that decides the blast radius
The number to watch is how quickly CISA moves CVE-2026-0257 onto its Known Exploited Vulnerabilities catalogue, and whether the exploit attempt count in the next two weeks stays in the limited range the advisory cites today. If KEV listing lands inside 72 hours and exploit telemetry stays narrow, this resolves as a serious but contained zero-day with a clean patch path. If exploit volume jumps an order of magnitude before June 15, expect ransomware affiliates to pick up the technique within a month, and treat any unpatched edge appliance as already compromised. Patch on the early curve, not the late one.