CVE-2026-0243

Summary

A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPrisma SD-WAN ION6.5.0 < 25.3.3affected
Palo Alto NetworksPrisma SD-WAN ION6.4.0 < 25.1.8affected
Palo Alto NetworksPrisma SD-WAN ION6.3.0 < 24.3.6affected
Palo Alto NetworksPrisma SD-WAN ION6.1.0unaffected
Palo Alto NetworksPrisma SD-WAN ION5.6.0unaffected

Weaknesses

  • CWE-606: CWE-606 Unchecked Input for Loop Condition

Workarounds

Disable IPv6 on SD-WAN ION devices if not required.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References