CVE-2026-0227

Summary

A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCloud NGFWAllunaffected
Palo Alto NetworksPAN-OS12.1.2 < 12.1.4, 12.1.3-h3affected
Palo Alto NetworksPAN-OS11.2.0 < 11.2.10-h2, 11.2.7-h8, 11.2.4-h15affected
Palo Alto NetworksPAN-OS11.1.0 < 11.1.13, 11.1.10-h9, 11.1.6-h23, 11.1.4-h27affected
Palo Alto NetworksPAN-OS10.2.0 < 10.2.18-h1, 10.2.16-h6, 10.2.13-h18, 10.2.10-h30, 10.2.7-h32affected
Palo Alto NetworksPAN-OS10.1.0 < 10.1.14-h20affected
Palo Alto NetworksPrisma Access11.2 < 11.2.7-h8affected
Palo Alto NetworksPrisma Access10.2 < 10.2.10-h29, 10.2.4-h43affected

Weaknesses

  • CWE-754: CWE-754 Improper Check for Unusual or Exceptional Conditions

Workarounds

No known workarounds exist for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References