The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from improper checks for unusual conditions that force firewalls into maintenance mode after repeated exploitation attempts.
Published on January 14, 2026, the issue affects multiple PAN-OS versions but spares Cloud NGFW entirely.
Attackers exploit this over the network with low complexity, no privileges, and no user interaction required, making it automatable and highly feasible.
The vulnerability aligns with CWE-754 (Improper Check for Unusual or Exceptional Conditions) and CAPEC-210 (Abuse Existing Functionality), impacting product availability severely while leaving confidentiality and integrity untouched.
Palo Alto notes proof-of-concept code exists (Exploit Maturity: POC), but no active malicious exploitation has surfaced. Exposure demands GlobalProtect gateway or portal activation on PAN-OS next-generation firewalls (NGFW) or Prisma Access, common in remote access setups.
The vulnerability hits legacy and current PAN-OS branches, with detailed affected and unaffected releases listed below.
| Product | Affected Versions | Unaffected Versions |
|---|---|---|
| PAN-OS 12.1 | < 12.1.3-h3, < 12.1.4 | >= 12.1.3-h3, >= 12.1.4 |
| PAN-OS 11.2 | < 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2 | >= 11.2.4-h15 (ETA: 1/14/2026), >= 11.2.7-h8, >= 11.2.10-h2 |
| PAN-OS 11.1 | < 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13 | >= 11.1.4-h27, >= 11.1.6-h23, >= 11.1.10-h9, >= 11.1.13 |
| PAN-OS 10.2 | < 10.2.7-h32, < 10.2.10-h30, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1 | >= 10.2.7-h32, >= 10.2.10-h30, >= 10.2.13-h18, >= 10.2.16-h6, >= 10.2.18-h1 |
| PAN-OS 10.1 | < 10.1.14-h20 | >= 10.1.14-h20 |
| Prisma Access 11.2 | < 11.2.7-h8* | >= 11.2.7-h8* |
| Prisma Access 10.2 | < 10.2.10-h29* | >= 10.2.10-h29* |
Administrators must upgrade promptly, as no workarounds exist, and response effort rates moderate with user-led recovery. Suggested paths include jumping to the latest hotfixes like PAN-OS 12.1.4 or 11.2.10-h2.
An external researcher receives credit for disclosure. Community discussions highlight recent scanning activity potentially probing this flaw. Organizations should verify configurations via Palo Alto’s support portal and monitor for DoS attempts while the POC is available.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Palo Alto Networks Firewall Vulnerability Allows Attackers to Trigger Denial of Service appeared first on Cyber Security News.
A screenshot of the Call of Duty footage in the White House’s video. On Wednesday,…
Samsung's newest smartphones - the Galaxy S26, S26+, and S26 Ultra - were recently announced…
Amazon just launched a Lightning deal that drops the price of the Hasbro Transformers Studio…
Trump summoned tech leaders to the White House on Wednesday, March 4, 2026 to sign…
Epic CEO Tim Sweeney might be one of the most outspoken people in the history…
WASHINGTON (AP) — Senate Republicans voted down an effort Wednesday to halt President Donald Trump’s war…
This website uses cookies.