216.73.217.80

CVE-2026-4760

· Published 25/03/2026 13:16 · Modified 26/03/2026 10:16

Labels: CVE-2026-4760 2026-03-2530aa36b7-a224-4bc9-b7d3-abea20aa4887CVE-2026-4760CWE-552

Essential information

Published
25/03/2026 13:16
Modified
26/03/2026 10:16
Author
Creator
CVSS
7.7 HIGH (v3) 7.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

From Panorama Web HMI, an attacker can gain read access to certain Web HMI server files, if he knows their paths and if these files are accessible to the Servin process execution account. * Installations based on Panorama Suite 2022-SP1 (22.50.005) are vulnerable unless update PS-2210-02-4079 (or higher) is installed * Installations based on Panorama Suite 2023 (23.00.004) are vulnerable unless updates PS-2300-03-3078 (or higher) and PS-2300-04-3078 (or higher) and PS-2300-82-3078 (or higher) are installed * Installations based on Panorama Suite 2025 (25.00.016) are vulnerable unless updates PS-2500-02-1078 (or higher) and PS-2500-04-1078 (or higher) are installed * Installations based on Panorama Suite 2025 Updated Dec. 25 (25.10.007) are vulnerable unless updates PS-2510-02-1077 (or higher) and PS-2510-04-1077 (or higher) are installed Please refer to security bulletin BS-035, available on the Panorama CSIRT website: https://my.codra.net/en-gb/csirt .

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
30aa36b7-a224-4bc9-b7d3-abea20aa4887
NVD
View on NVD

Affected products (CPE)

ProductCPE
panorama / panorama suite cpe:2.3:a:panorama:panorama_suite:22.50.005:*:*:*:*:*:*:*
panorama / panorama suite cpe:2.3:a:panorama:panorama_suite:23.00.004:*:*:*:*:*:*:*
panorama / panorama suite cpe:2.3:a:panorama:panorama_suite:25.00.016:*:*:*:*:*:*:*
panorama / panorama suite cpe:2.3:a:panorama:panorama_suite:25.10.007:*:*:*:*:*:*:*

References