Palo Alto GlobalProtect CVE-2026-0257 Is No Longer Theoretical, Exploitation Has Reached Unpatched VPN Edges
CVE-2026-0257 is a PAN-OS GlobalProtect authentication bypass that can let an unauthenticated attacker establish an unauthorized VPN connection when authentication override cookies are enabled and the wrong certificate reuse pattern is present. Palo Alto now marks the issue as attacked, and Rapid7 says it observed successful exploitation across numerous customers starting on May 17, 2026.
The vulnerability affects the GlobalProtect portal and gateway in PAN-OS and can let a remote, unauthenticated attacker establish an unauthorized VPN connection if two conditions are true: authentication override cookies are enabled, and the deployment reuses the wrong certificate for that feature. That means not every PAN-OS system is exposed, but organizations that do meet the exposure conditions are dealing with a real edge-access problem, not a hypothetical one.
This is a classic enterprise risk multiplier. The issue itself may not start with full appliance takeover, yet an unauthorized VPN connection into internal networks can become the bridge that turns a misconfiguration and a software flaw into a broader intrusion path.
Summary
Palo Alto's advisory now rates CVE-2026-0257 at the highest urgency level, with severity high and exploit maturity "attacked". The company says the vulnerability allows an attacker to bypass security restrictions and establish an unauthorized VPN connection through GlobalProtect. It also says Palo Alto has become aware of limited exploit attempts against unpatched PAN-OS devices that have no mitigations applied.
Rapid7 fills in the operational picture. Its May 29, 2026 write-up says MDR identified successful exploitation across numerous customers, with the earliest observed activity on May 17. According to Rapid7, some attacks resulted in successful cookie-based authentication probes without a full VPN session, while others went further and did obtain VPN IP assignment, which effectively delivered internal network access.
The CCB warning from June 1 reinforces that this should be treated as an active threat management problem. The Belgian advisory states the bug is already actively exploited in the wild and explicitly recommends upscaled monitoring and detection. That combination of vendor confirmation, third-party incident observations, and national cyber authority warning is enough to justify immediate remediation even for organizations that do not yet see signs of compromise.
What happened
Palo Alto first published the CVE-2026-0257 advisory on May 13, 2026, and updated it on May 29, 2026. The core flaw is in how certain GlobalProtect deployments handle authentication override cookies. Palo Alto says the bug exists when firewalls with a GlobalProtect portal or gateway have authentication override cookies enabled and a specific certificate configuration is present.
Rapid7's technical analysis explains why that combination matters. Authentication override lets a portal or gateway issue cookies that can be reused instead of prompting the user to re-authenticate. Rapid7 says the problem is that the decrypted cookie contents are trusted without signature verification. If a deployment reuses the same certificate in a way that exposes the public key through another feature, such as HTTPS service on the portal or gateway, an attacker can forge an authentication override cookie that the device will accept.
That is the part defenders should focus on. This is not an all-PAN-OS bug in the abstract. It is a flaw with concrete exposure preconditions, but those preconditions are common enough in real environments that exploitation moved quickly after disclosure. Rapid7 says the first wave it observed used infrastructure hosted at Vultr and involved suspicious cookie authentication to the local admin account. A second wave on May 21 originated from Dromatics Systems, and in some incidents the attacker received VPN IP assignment after the forged cookie was accepted.
Palo Alto's own advisory now states that limited exploit attempts have been seen against unpatched devices without mitigations. The CCB advisory goes a step further on the defender side by framing the issue as actively exploited and highlighting the importance of checking whether authentication override is enabled.
Affected products and fixed versions
The official Palo Alto advisory provides the authoritative version guidance. Affected lines include PAN-OS 10.2, 11.1, 11.2, and 12.1 before the listed fixed versions, and Prisma Access versions in the affected trains before the listed fixes. Panorama and Cloud NGFW are not impacted according to Palo Alto.
For defenders, the more practical question is not just "Am I running an affected branch?" but "Do I meet the exposure conditions?" If authentication override is not enabled for the relevant portal or gateway, the risk picture changes materially. If it is enabled and the certificate reuse pattern is present, the issue becomes urgent.
Palo Alto's mitigation guidance is direct. Customers can either disable authentication override or generate a dedicated certificate used exclusively for authentication override cookies and stop sharing it with other services or users. Those mitigations matter for risk reduction during emergency response, but the durable fix is still upgrading to a supported fixed version.
Why this matters for defenders
Unauthorized VPN access is one of the most dangerous outcomes an edge appliance flaw can deliver because it collapses trust boundaries. Once an attacker can enter through the VPN path as an apparently authenticated session, downstream monitoring may see activity that initially resembles legitimate remote access rather than obvious exploit traffic.
That means the problem is bigger than the CVSS label might suggest in isolation. A medium-to-high scoring bug that hands out network footholds on enterprise VPN infrastructure can be strategically worse than some louder bugs because it can feed privilege escalation, lateral movement, and data access without immediately crashing or breaking the appliance.
It also highlights a recurring lesson from 2026 edge-device incidents: configuration-dependent vulnerabilities still become real-world incidents when those configurations are common, copied between deployments, or left in place for convenience. Defenders cannot dismiss these issues just because exploitation requires a specific feature toggle or certificate pattern.
Defender guidance
Start with exposure validation. Review every GlobalProtect portal and gateway to determine whether authentication override is enabled. Then verify whether the certificate used for authentication override is reused elsewhere, especially in a way that lets attackers recover the corresponding public key.
Next, move directly to patching on exposed systems. Palo Alto lists fixed versions across PAN-OS 10.2, 11.1, 11.2, and 12.1, and the remediation path is explicit. If emergency change control slows upgrades, use Palo Alto's documented mitigations right away by disabling authentication override or assigning a dedicated certificate for that feature.
Then hunt for suspicious authentication patterns. Rapid7 specifically called out cookie-based logins, local admin account authentication, low-cost hosting providers, and odd host naming or MAC artifacts across impacted environments. Even if an attacker failed to complete VPN session establishment, accepted forged cookies should still be treated as a sign of attempted compromise.
Finally, treat edge appliance compromise assessment as a parallel workstream, not something that waits until after patching. Patching closes the door going forward, but it does not answer whether the door was already opened in May.
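The hunt step above can be turned into a first-pass triage over exported GlobalProtect login events. The script below is an added example, not code from Palo Alto, Rapid7 or the CCB; the log layout, the corporate egress range, the hostname naming convention and the sample lines are all constructed stand-ins (PAN-OS's real log schema differs), so map the field names to your own export before use. It scores only cookie-based logins, flags the indicators the text lists (local admin account, untrusted source network, odd hostname, placeholder MAC), and escalates to critical when a client IP was assigned, since that means internal access was obtained rather than a probe.

```python
import ipaddress
import re

# Constructed sample events in a simplified key=value layout; field names are a
# hypothetical stand-in for a GlobalProtect login export, not the real PAN-OS schema.
SAMPLE_LOGS = """\
2026-05-17T03:12:44Z user=admin auth=cookie src=203.0.113.10 hostname=DESKTOP-A1B2C3 mac=00:00:00:00:00:00 client_ip=-
2026-05-17T09:01:02Z user=jsmith auth=ldap src=198.51.100.7 hostname=CORP-LT-0421 mac=3c:52:82:aa:bb:cc client_ip=10.200.0.21
2026-05-21T14:20:19Z user=admin auth=cookie src=192.0.2.55 hostname=localhost mac=02:00:5e:11:22:33 client_ip=10.200.0.44
2026-05-22T08:44:10Z user=mlee auth=cookie src=198.51.100.9 hostname=CORP-LT-0877 mac=3c:52:82:dd:ee:ff client_ip=10.200.0.30
"""

LOCAL_ADMIN_ACCOUNTS = {"admin"}                               # local firewall accounts, not directory users
TRUSTED_SOURCES = [ipaddress.ip_network("198.51.100.0/24")]   # constructed corporate egress range
HOSTNAME_POLICY = re.compile(r"^CORP-[A-Z]{2}-\d{4}$")         # constructed endpoint naming convention
ODD_MACS = re.compile(r"^(00:00:00:00:00:00|ff:ff:ff:ff:ff:ff)$")
FIELD = re.compile(r"(\w+)=(\S+)")

def parse_line(line):
    """Split one event into a dict; the timestamp is the first whitespace-separated token."""
    ts, _, rest = line.partition(" ")
    fields = dict(FIELD.findall(rest))
    fields["ts"] = ts
    return fields

def assess(event):
    """Return (severity, reasons) for one login event; only cookie logins are in scope."""
    reasons = []
    if event.get("auth") != "cookie":
        return ("info", reasons)
    src = ipaddress.ip_address(event["src"])
    if event["user"] in LOCAL_ADMIN_ACCOUNTS:
        reasons.append("cookie auth to local admin account")
    if not any(src in net for net in TRUSTED_SOURCES):
        reasons.append("cookie auth from untrusted source network")
    if not HOSTNAME_POLICY.match(event.get("hostname", "")):
        reasons.append("hostname outside naming convention")
    if ODD_MACS.match(event.get("mac", "")):
        reasons.append("placeholder MAC address")
    if not reasons:
        return ("info", reasons)
    # An accepted forged cookie is an attempted-compromise indicator even without a session;
    # an assigned client IP means the attacker obtained internal network access.
    severity = "critical" if event.get("client_ip", "-") != "-" else "high"
    return (severity, reasons)

def hunt(log_text):
    """Return (timestamp, user, severity, reasons) for every event that raised at least one flag."""
    findings = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        sev, reasons = assess(ev)
        if reasons:
            findings.append((ev["ts"], ev["user"], sev, reasons))
    return findings

if __name__ == "__main__":
    for finding in hunt(SAMPLE_LOGS):
        print(finding)
```

On the constructed sample the first admin event is reported as high (four indicators, no client IP) and the second as critical (client IP assigned), while the LDAP login and the in-policy cookie login are not reported.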
Sources
- https://security.paloaltonetworks.com/CVE-2026-0257
- https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/
- https://ccb.belgium.be/advisories/warning-authentication-bypass-vulnerability-palo-alto-pan-os-actively-exploited-wild
