Skip to content
Security Alerts

CVE-2026-0233 and CVE-2026-0234: Critical Vulnerabilities in Palo Alto Networks Cortex XSOAR, XSIAM and ADEM - Immediate Update Required

Two high severity vulnerabilities have been identified in Palo Alto Networks Cortex XSOAR, Cortex XSIAM, and ADEM. CVE-2026-0233 and CVE-2026-0234 could allow an unauthenticated attacker to bypass security mechanisms and execute arbitrary code on affected systems.

Marcin Godula Marcin Godula

Summary

ParameterValue
CVE IDCVE-2026-0233, CVE-2026-0234
Alert SourcePalo Alto Networks Security Advisory
CVE Publication Year2026
Date Published2026-04-09
VendorPalo Alto Networks
ProductsCortex XSOAR, Cortex XSIAM, ADEM
Vulnerability TypeArbitrary Code Execution / Security Feature Bypass
CISA KEVNo
RansomwareNot confirmed

Vulnerability Description

Two high severity vulnerabilities have been identified in Palo Alto Networks products:

CVE-2026-0233 — Arbitrary Code Execution

This vulnerability allows an unauthenticated attacker to execute arbitrary code on affected systems. It affects the Microsoft Teams Marketplace component in Cortex XSOAR and XSIAM.

CVE-2026-0234 — Security Feature Bypass

This vulnerability allows bypassing security mechanisms, which combined with CVE-2026-0233 could lead to full compromise of security orchestration and management platforms.

Cortex XSOAR and XSIAM products are critical components of SOAR/SIEM infrastructure in many organizations — their compromise could enable an attacker to access the entire security ecosystem.

Affected Products

ProductAffected VersionsFixed Version
Autonomous Digital Experience Manager (ADEM)5.10.x prior to 5.10.145.10.14
Cortex XSIAM Microsoft Teams Marketplace1.5.x prior to 1.5.521.5.52
Cortex XSOAR Microsoft Teams Marketplace1.5.x prior to 1.5.521.5.52

Required Actions

  1. Verify installed Palo Alto Networks product versions
  2. Update affected products to the latest versions:
    • ADEM → update to 5.10.14 or later
    • Cortex XSIAM/XSOAR Microsoft Teams Marketplace → update to 1.5.52 or later
  3. Monitor system logs for suspicious activity

References

  • Palo Alto Networks Security Advisory CVE-2026-0233
  • Palo Alto Networks Security Advisory CVE-2026-0234

How can nFlo help?

If your organization uses products affected by this vulnerability, contact us. We can help with:

  • Verifying whether your systems are at risk
  • Implementing patches and risk mitigation
  • Monitoring for exploitation attempts in your environment

Useful resources:

Learn More

Tags:

cve-2026-0233 cve-2026-0234 high palo-alto-networks cortex xsoar xsiam vulnerability

Share:

Talk to an expert

Have questions about this topic? Get in touch with our specialist.

Sales Representative
Grzegorz Gnych

Grzegorz Gnych

Sales Representative

+48 664 003 003grzegorz.gnych@nflo.pl
Response within 24 hours
Free consultation
Individual approach

Providing your phone number will speed up contact.

Want to Reduce IT Risk and Costs?

Book a free consultation - we respond within 24h

Response in 24h Free quote No obligations
Book a Call +48 22 487 86 36

Or download free guide:

Download NIS2 Checklist