Palo Alto Networks Discloses PAN-OS Firewall DoS Vulnerability (CVE-2026-0229)
Palo Alto Networks has identified a denial-of-service (DoS) vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0229, which could allow unauthenticated attackers to force repeated device reboots. The flaw resides in the Advanced DNS Security (ADNS) feature and can be exploited via a maliciously crafted network packet, potentially pushing affected firewalls into a reboot loop and eventually maintenance mode, disrupting traffic inspection and connectivity.
The vulnerability, rated medium severity (CVSS 6.66), was discovered internally by Palo Alto Networks and disclosed on February 11, 2026. No known malicious exploitation has been reported, and the company classifies the exploit maturity as unreported.
Affected systems include on-premises and self-managed PAN-OS deployments with ADNS enabled and a spyware security profile configured to block, sinkhole, or alert environments actively enforcing ADNS protections are most at risk. Cloud NGFW and Prisma Access are unaffected.
Palo Alto Networks has released patches for impacted versions:
- PAN-OS 12.1.4+ (12.1 train)
- PAN-OS 11.2.10+ (11.2 train)
No workarounds or Threat Prevention signatures are available, making patching the primary remediation. Administrators are advised to inventory firewalls with ADNS enabled, verify affected versions, and monitor for unexpected reboots that may indicate exploitation attempts.
Source: https://gbhackers.com/palo-alto-networks-firewall-vulnerability/
Palo Alto Networks cybersecurity rating report: https://www.rankiteo.com/company/palo-alto-networks
"id": "PAL1770889931",
"linkid": "palo-alto-networks",
"type": "Vulnerability",
"date": "2/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Technology/Network Security',
'name': 'Palo Alto Networks',
'type': 'Cybersecurity Company'}],
'attack_vector': 'Maliciously crafted network packet',
'date_publicly_disclosed': '2026-02-11',
'description': 'Palo Alto Networks has identified a denial-of-service (DoS) '
'vulnerability in its PAN-OS firewall software, tracked as '
'CVE-2026-0229, which could allow unauthenticated attackers to '
'force repeated device reboots. The flaw resides in the '
'Advanced DNS Security (ADNS) feature and can be exploited via '
'a maliciously crafted network packet, potentially pushing '
'affected firewalls into a reboot loop and eventually '
'maintenance mode, disrupting traffic inspection and '
'connectivity.',
'impact': {'downtime': 'Repeated reboots leading to maintenance mode',
'operational_impact': 'Disruption of traffic inspection and '
'connectivity',
'systems_affected': 'PAN-OS firewalls with ADNS enabled and '
'spyware security profile configured to block, '
'sinkhole, or alert'},
'investigation_status': 'Vulnerability disclosed, no known exploitation',
'post_incident_analysis': {'corrective_actions': 'Patching vulnerable PAN-OS '
'versions',
'root_causes': 'Flaw in Advanced DNS Security '
'(ADNS) feature'},
'recommendations': 'Inventory firewalls with ADNS enabled, verify affected '
'versions, and apply patches. Monitor for unexpected '
'reboots that may indicate exploitation attempts.',
'references': [{'source': 'Palo Alto Networks Advisory'}],
'response': {'communication_strategy': 'Public disclosure and advisory to '
'administrators',
'containment_measures': 'Patching affected PAN-OS versions',
'enhanced_monitoring': 'Monitoring for unexpected reboots',
'remediation_measures': 'Patches released for PAN-OS 12.1.4+ and '
'11.2.10+'},
'stakeholder_advisories': 'Administrators advised to patch affected systems '
'and monitor for signs of exploitation',
'title': 'Palo Alto Networks Discloses PAN-OS Firewall DoS Vulnerability '
'(CVE-2026-0229)',
'type': 'Denial-of-Service (DoS)',
'vulnerability_exploited': 'CVE-2026-0229'}