ISLAMABAD: National CERT Pakistan has issued a high-severity cybersecurity advisory after identifying active exploitation of a critical vulnerability in Palo Alto Networks’ GlobalProtect VPN system. The warning urges organizations to take immediate action because attackers are already targeting exposed systems.
The vulnerability, identified as CVE-2026-0257, affects the GlobalProtect VPN portal and gateway running on PAN-OS software. According to the advisory, attackers can bypass authentication and gain unauthorized access to VPN sessions. Moreover, the exploit requires no user interaction, making it highly dangerous for internet-facing systems.
Growing Threat to Organizations
National CERT confirmed that cybercriminals are actively exploiting the flaw in real-world attacks. Consequently, the vulnerability has been added to the Known Exploited Vulnerabilities (KEV) list. This designation confirms that security agencies have verified ongoing attacks.
The agency warned that compromised VPN systems could provide attackers with an initial entry point into organizational networks. Government departments, financial institutions, telecom operators, and private enterprises face the highest risk because many rely on remote access services.
Potential Impact and Security Risks
Once attackers gain access, they can move laterally across internal networks. They may steal sensitive information, harvest user credentials, and maintain long-term access to affected systems. Furthermore, compromised VPN infrastructure could disrupt essential services and expose connected networks to additional cyberattacks.
National CERT stressed that the vulnerability poses a serious threat because it does not require authentication or user action. Therefore, organizations should immediately apply available security updates, review system logs, strengthen monitoring, and secure all internet-facing VPN deployments to reduce the risk of cyber intrusion and protect critical digital infrastructure.
Meta Description: National CERT Pakistan warns of actively exploited Palo Alto VPN vulnerability, urging organizations to patch systems and strengthen cybersecurity defenses immediately.
