Palo Alto Networks disclosed a significant flaw in its PAN-OS software in a new alert This article explores palo alto security. . This denial-of-service (DoS) vulnerability, known as CVE-2026-0229, affects the Advanced DNS Security (ADNS) function.

A specially constructed packet can be sent by an unauthorized attacker to repeatedly force firewall reboots. If you keep hitting it, the device will go into maintenance mode and be unavailable until it is fixed. The flaw, which was published on February 11, 2026, has a broader CVSS-B score of 8.7 and a base CVSS v4.0 score of 6.6 (MEDIUM severity). It has a moderate urgency rating.

Although there are currently no known malicious exploits, there is a risk because attackers only need network access and no privileges. The flaw is caused by CAPEC-153 (input manipulation) and CWE-754 (inadequate checks for unusual conditions).

PAN-OS versions that have ADNS enabled and a spyware profile configured to block, sinkhole, or alert traffic—rather than merely allowing it—are impacted. Good news? PAN-OS 11.1, 10.2, Prisma Access, and Cloud NGFW are all secure.

An internal researcher named jliu@TikkalaSecurity made the discovery. Details of the Aspect ID CVE-2026-0229 MEDIUM SERIORITY (CVSS 6.6 / CVSS-B 8.7) By creating malicious DNS packets, attackers take advantage of ADNS. When the firewall handles them incorrectly, it immediately reboots. If you send too many packets, it will loop into maintenance mode and require manual intervention.

Recovery requires a moderate response effort and is dependent on the user. Automatable? Indeed, exposed firewalls could be hammered by scripts. Palo Alto recommends updating vulnerable versions right away.

It is necessary to switch from older, unsupported PAN-OS to fixed, supported versions.

Patching is essential because neither configuration changes nor signatures prevent this. Networks are protected by firewalls; downtime creates blind spots for security breaches. Threat actors could target businesses with low barriers (network access only, no user interaction).

Consider banks, hospitals, or any other location where uptime is important. This adds to a number of PAN-OS problems, emphasizing the importance of timely updates. Remain alert: Check your PAN-OS version via the dashboard. If at all possible, enable auto-updates.

See Palo Alto's security advisory for complete information.