Introduction: The Core Shift

CVSS scores are not just misleading—they are dangerous. In November 2024, attackers chained two Palo Alto Networks vulnerabilities—CVE-2024-0012 (CVSS 9.3) and CVE-2024-9474 (CVSS 6.9)—to gain unauthenticated remote admin access and root on over 13,000 exposed management interfaces. The lower score, 6.9, fell below many enterprise patch thresholds. The higher score was queued for maintenance. Neither triggered the urgency the chain deserved. This is not an isolated incident; it is a systemic failure of vulnerability prioritization that adversaries are exploiting at scale.

In 2025, 48,185 CVEs were disclosed—a 20.6% year-over-year increase. Jerry Gamblin projects 70,135 for 2026. NIST announced on April 15 that CVE submissions have grown 263% since 2020, and the NVD will now prioritize enrichment only for KEV and federal critical software. The infrastructure behind vulnerability scoring is buckling under its own weight.

For executives, this means the traditional CVSS-first approach to patch management is no longer viable. The cost of inaction is measured in breached devices, stolen data, and regulatory fines. The following analysis dissects five triage failure classes that CVSS was never designed to catch, and provides an actionable plan to rebuild prioritization from the ground up.

Analysis: Five Triage Failure Classes

1. Chained CVEs That Look Safe Until They Aren't

The Palo Alto pair from Operation Lunar Peek is the textbook example. CVE-2024-0012 bypassed authentication. CVE-2024-9474 escalated privileges. Scored separately under both CVSS v4.0 and v3.1, the escalation flaw filtered below most enterprise patch thresholds because admin access appeared required. The authentication bypass upstream eliminated that prerequisite entirely. Neither score communicated the compound effect.

Adam Meyers, SVP of Counter Adversary Operations at CrowdStrike, described the operational psychology: teams assessed each CVE independently, deprioritized the lower score, and queued the higher one for maintenance. “They just had amnesia from 30 seconds before,” Meyers told VentureBeat. The result: 13,000 devices compromised.

2. Nation-State Adversaries Who Weaponize Patches Within Days

The CrowdStrike 2026 Global Threat Report documented a 42% year-over-year increase in vulnerabilities exploited as zero-days before public disclosure. Average breakout time across observed intrusions: 29 minutes. Fastest observed breakout: 27 seconds. China-nexus adversaries weaponized newly patched vulnerabilities within two to six days of disclosure.

“Before it was Patch Tuesday once a month. Now it's patch every day, all the time. That's what this new world looks like,” said Daniel Bernard, Chief Business Officer at CrowdStrike. A KEV addition treated as a routine queue item on Tuesday becomes an active exploitation window by Thursday. Weekly patch windows are indefensible.

3. Stockpiled CVEs That Nation-State Actors Hold for Years

Salt Typhoon accessed senior U.S. political figures' communications during the presidential transition by chaining CVE-2023-20198 with CVE-2023-20273 on internet-facing Cisco devices—a privilege escalation pair patched in October 2023 and still unapplied more than a year later. Compromised credentials provided a parallel entry vector. The patches existed. Neither was applied.

Sixty-seven percent of vulnerabilities exploited by China-nexus adversaries in 2025 were remote code execution flaws providing immediate system access. CVSS does not degrade priority based on how long a CVE has gone unpatched. No board metric tracks aging KEV exposure. That silence is the vulnerability.

4. Identity Gaps That Never Enter the Scoring System

A 2023 help desk social engineering call against a major enterprise produced more than $100 million in losses. No CVE was assigned. No CVSS score existed. No patch pipeline entry was created. The vulnerability was a human process gap in identity verification, sitting entirely outside the scoring system's aperture.

“A pro needs a zero day if all you have to do is call the help desk and say I forgot my password,” Meyers said. Agentic AI systems now carry their own identity credentials, API tokens, and permission scopes, operating outside traditional vulnerability management governance. In most organizations, help desk authentication gaps and agentic AI credential inventories live in a separate governance silo—in practice, nobody's governance.

5. AI-Accelerated Discovery That Breaks Pipeline Capacity

Anthropic's Claude Mythos Preview demonstrated autonomous vulnerability discovery, finding a 27-year-old signed integer overflow in OpenBSD's TCP SACK implementation across roughly 1,000 scaffold runs at a total compute cost under $20,000. Meyers offered a thought-experiment projection: if frontier AI drives a 10x volume increase, the result is approximately 480,000 CVEs annually. Pipelines built for 48,000 break at 70,000 and collapse at 480,000. NVD enrichment is already gone for non-KEV submissions.

“If the adversary is now able to find vulnerabilities faster than the defenders or the business, that's a huge problem, because those vulnerabilities become exploits,” said Bernard. CrowdStrike on Friday launched Project QuiltWorks, a remediation coalition with Accenture, EY, IBM Cybersecurity Services, Kroll, and OpenAI formed to address the vulnerability volume that frontier AI models are now generating in production code. When five major firms build a coalition around a pipeline problem, no single organization's patch workflow can keep pace.

Winners & Losers

Winners: CrowdStrike and its Project QuiltWorks partners (Accenture, EY, IBM, Kroll, OpenAI) are positioned to capture market share in AI-driven threat intelligence and response. AI vulnerability research firms like Anthropic have demonstrated cost-effective discovery of critical flaws, enabling new service offerings.

Losers: Palo Alto Networks faces reputation damage from 13,000 compromised devices due to chained CVEs; CVSS under-scoring undermines trust. NVD/NIST's reduced enrichment scope may decrease relevance as a primary vulnerability source, pushing users to alternative databases.

Market / Industry Impact

The vulnerability management market is shifting from CVSS-centric scoring to context-aware, exploitability-based prioritization, driven by AI discovery and chained exploit incidents. This will fragment the CVE ecosystem as NVD reduces enrichment, creating opportunities for private threat intelligence providers. Expect increased investment in EPSS, SSVC, and proprietary scoring models.

Executive Action

  • Run a chain-dependency audit on every KEV CVE in the environment this month. Flag any co-resident CVE scored 5.0 or above. Any pair chaining authentication bypass to privilege escalation gets triaged as critical regardless of individual scores.
  • Compress KEV-to-patch SLAs to 72 hours for internet-facing systems. The 29-minute average breakout time makes weekly patch windows indefensible.
  • Build a monthly KEV aging report for the board. List every unpatched KEV CVE with days since disclosure, days since patch availability, and the responsible owner.
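As an added example (not code from the article, VentureBeat, CrowdStrike, or any vendor), the following Python implements the chain-dependency audit from the first action item and the KEV aging report from the third, and applies both to the Palo Alto pair from failure class 1. Only the two Palo Alto CVE ids and their 9.3 / 6.9 scores come from the article; the asset inventory, weakness classes, dates, the Cisco scores, the CVE-0000-SAMPLE entry and the 7.0/4.0 CVSS bands are constructed placeholders.

```python
"""Chain-aware KEV triage and aging report (added example, constructed data)."""
from dataclasses import dataclass
from datetime import date, timedelta
from itertools import permutations

# Weakness-class pairs where the upstream flaw removes the downstream flaw's
# prerequisite, so the pair must be scored together rather than separately.
CHAIN_RULES = {("auth_bypass", "priv_esc")}
AUDIT_FLOOR = 5.0               # co-resident CVEs at or above this are flagged
KEV_SLA = timedelta(hours=72)   # internet-facing KEV-to-patch SLA
AS_OF = date(2024, 12, 18)      # constructed report date


@dataclass(frozen=True)
class Cve:
    cve_id: str
    cvss: float
    weakness: str               # "auth_bypass", "priv_esc", "info_leak", ...
    disclosed: date
    patch_available: date
    in_kev: bool


@dataclass(frozen=True)
class Asset:
    name: str
    owner: str
    internet_facing: bool
    unpatched: tuple            # CVE ids still present on the asset


# Constructed catalog: dates, Cisco scores and the SAMPLE entry are illustrative.
CATALOG = {
    "CVE-2024-0012": Cve("CVE-2024-0012", 9.3, "auth_bypass", date(2024, 11, 18), date(2024, 11, 18), True),
    "CVE-2024-9474": Cve("CVE-2024-9474", 6.9, "priv_esc", date(2024, 11, 18), date(2024, 11, 18), True),
    "CVE-2023-20198": Cve("CVE-2023-20198", 9.9, "auth_bypass", date(2023, 10, 16), date(2023, 10, 22), True),
    "CVE-2023-20273": Cve("CVE-2023-20273", 7.0, "priv_esc", date(2023, 10, 20), date(2023, 10, 22), True),
    "CVE-0000-SAMPLE": Cve("CVE-0000-SAMPLE", 5.5, "info_leak", date(2024, 12, 1), date(2024, 12, 5), False),
}

# Constructed inventory.
ASSETS = [
    Asset("pan-fw-mgmt-01", "netops", True, ("CVE-2024-0012", "CVE-2024-9474")),
    Asset("cisco-edge-07", "netops", True, ("CVE-2023-20198", "CVE-2023-20273", "CVE-0000-SAMPLE")),
    Asset("build-server-03", "platform", False, ("CVE-0000-SAMPLE",)),
]


def cvss_band(cvss):
    """The CVSS-only band a score-first pipeline would assign (constructed thresholds)."""
    return "high" if cvss >= 7.0 else "medium" if cvss >= 4.0 else "low"


def chain_dependency_audit(asset, catalog=CATALOG, floor=AUDIT_FLOOR):
    """Action item 1: for each KEV CVE on the asset, flag co-resident CVEs scored >= floor,
    and mark every auth-bypass -> priv-esc pair critical regardless of individual scores."""
    present = [catalog[c] for c in asset.unpatched]
    flagged = {}
    for kev in (c for c in present if c.in_kev):
        flagged[kev.cve_id] = sorted(o.cve_id for o in present if o is not kev and o.cvss >= floor)
    chains = [(up.cve_id, down.cve_id) for up, down in permutations(present, 2)
              if (up.weakness, down.weakness) in CHAIN_RULES]
    return {"asset": asset.name, "flagged": flagged, "critical_chains": chains}


def effective_priority(asset, catalog=CATALOG):
    """Per-CVE priority once chain context is applied; chain members are critical,
    everything else falls back to the CVSS band."""
    chained = {c for pair in chain_dependency_audit(asset, catalog)["critical_chains"] for c in pair}
    return {cid: "critical" if cid in chained else cvss_band(catalog[cid].cvss)
            for cid in asset.unpatched}


def kev_aging_report(assets, catalog=CATALOG, today=None):
    """Action item 3: one row per unpatched KEV CVE with days since disclosure, days since
    patch availability, owner, and whether the 72-hour internet-facing SLA has elapsed."""
    today = today or date.today()
    rows = []
    for a in assets:
        for cid in a.unpatched:
            cve = catalog[cid]
            if not cve.in_kev:
                continue
            rows.append({
                "asset": a.name, "cve": cid, "owner": a.owner,
                "days_since_disclosure": (today - cve.disclosed).days,
                "days_since_patch": (today - cve.patch_available).days,
                "sla_breached": a.internet_facing and today > cve.patch_available + KEV_SLA,
            })
    return sorted(rows, key=lambda r: r["days_since_patch"], reverse=True)


if __name__ == "__main__":
    for a in ASSETS:
        print(chain_dependency_audit(a))
        print(effective_priority(a))
    for row in kev_aging_report(ASSETS, today=AS_OF):
        print(row)
```

On the Palo Alto asset, `cvss_band` alone puts CVE-2024-9474 in the medium band, which is the threshold problem the article describes; `effective_priority` promotes both halves of the chain to critical because the auth bypass removes the "admin access required" prerequisite. The aging report sorts the oldest unpatched KEV exposure to the top, which is the ordering a board report needs and which CVSS never produces.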

Why This Matters

CVSS is a single-vulnerability metric in a multi-vulnerability world. Adversaries chain exploits, weaponize patches in days, and stockpile CVEs for years. The cost of inaction is measured in breached devices, stolen data, and regulatory fines. Executives must overhaul prioritization frameworks now or face cascading breaches.

Final Take

CVSS did exactly what it was designed to do: score one vulnerability at a time. The problem is that adversaries do not attack one vulnerability at a time. The Palo Alto chain attack is a warning shot. The next one will be worse. Organizations that cling to CVSS-first prioritization will be breached. Those that adopt context-aware, exploitability-based models will survive.

Source: VentureBeat

Intelligence FAQ

CVSS scores each CVE in isolation, ignoring how chained exploits compound risk. The lower-scored privilege escalation CVE (6.9) was deprioritized, but the authentication bypass (9.3) made it critical.

Adopt exploitability-based models like EPSS and SSVC, compress KEV patch SLAs to 72 hours, and run chain-dependency audits on all KEV CVEs.

AI tools like Claude can find critical bugs at low cost, potentially driving CVE volume to 480,000 annually. This will overwhelm current patch pipelines and force adoption of automated prioritization.