Firewall Vulnerability at Palo Alto Networks Unauthenticated attackers could potentially cripple enterprise networks by crashing firewalls into endless reboot cycles due to a critical denial-of-service (DoS) flaw in Palo Alto Networks' PAN-OS software This article explores firewall vulnerability palo. . The Advanced DNS Security (ADNS) feature is where the vulnerability, known as CVE-2026-0229, resides.

To cause a system reboot, an attacker sends a maliciously constructed packet. Frequent exploitation puts the firewall in maintenance mode, which stops traffic inspection and puts businesses at risk of outages. Prisma Access and Cloud NGFW are unaffected. In a security advisory, Palo Alto Networks described the problem and confirmed that it only impacts particular PAN-OS versions when ADNS is enabled in conjunction with a spyware profile configured to block, sinkhole, or alert traffic.

Versions and Fixes Affected Versions of the Product Affected Versions that are fixed PAN-OS 12.1 < 12.1.4 (more precisely 12.1.2–12.1.3) ≥ 12.1.4 PAN-OS 11.2 < 11.2.10 (11.2.0–11.2.9) ≥ 11.2.10 PAN-OS 11.1 None All Cloud NGFW None All PAN-OS 10.2 All Prisma Access None None at all The business advises administrators to update susceptible systems right away. It is advisable to switch to a patched version of PAN-OS from older, unsupported versions. Because of the vulnerability's design, there are no workarounds and Threat Prevention signatures are unable to identify exploits.

There is no known exploitation in the wild, according to Palo Alto. However, security professionals caution about dangers in busy areas. "DoS vulnerabilities like this have the potential to cause significant disruptions, particularly when combined with other attacks. Patching must be given top priority by organizations that depend on Palo Alto for perimeter defense.

Because ADNS-enabled firewalls are a vital line of defense against DNS-based attacks, businesses that block malicious domains should be especially concerned about this exposure. Administrators should use X for daily cybersecurity updates, LinkedIn, and Palo Alto's support portal to check for unpatched systems and confirm configurations. To have your stories featured, get in touch with us.