The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from improper checks for unusual conditions that force firewalls into maintenance mode after repeated exploitation attempts.
Published on January 14, 2026, the issue affects multiple PAN-OS versions but spares Cloud NGFW entirely.
Attackers exploit this over the network with low complexity, no privileges, and no user interaction required, making it automatable and highly feasible.
The vulnerability aligns with CWE-754 (Improper Check for Unusual or Exceptional Conditions) and CAPEC-210 (Abuse Existing Functionality), impacting product availability severely while leaving confidentiality and integrity untouched.
Palo Alto notes proof-of-concept code exists (Exploit Maturity: POC), but no active malicious exploitation has surfaced. Exposure demands GlobalProtect gateway or portal activation on PAN-OS next-generation firewalls (NGFW) or Prisma Access, common in remote access setups.
The vulnerability hits legacy and current PAN-OS branches, with detailed affected and unaffected releases listed below.
| Product | Affected Versions | Unaffected Versions |
|---|---|---|
| PAN-OS 12.1 | < 12.1.3-h3, < 12.1.4 | >= 12.1.3-h3, >= 12.1.4 |
| PAN-OS 11.2 | < 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2 | >= 11.2.4-h15 (ETA: 1/14/2026), >= 11.2.7-h8, >= 11.2.10-h2 |
| PAN-OS 11.1 | < 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13 | >= 11.1.4-h27, >= 11.1.6-h23, >= 11.1.10-h9, >= 11.1.13 |
| PAN-OS 10.2 | < 10.2.7-h32, < 10.2.10-h30, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1 | >= 10.2.7-h32, >= 10.2.10-h30, >= 10.2.13-h18, >= 10.2.16-h6, >= 10.2.18-h1 |
| PAN-OS 10.1 | < 10.1.14-h20 | >= 10.1.14-h20 |
| Prisma Access 11.2 | < 11.2.7-h8* | >= 11.2.7-h8* |
| Prisma Access 10.2 | < 10.2.10-h29* | >= 10.2.10-h29* |
Administrators must upgrade promptly, as no workarounds exist, and response effort rates moderate with user-led recovery. Suggested paths include jumping to the latest hotfixes like PAN-OS 12.1.4 or 11.2.10-h2.
An external researcher receives credit for disclosure. Community discussions highlight recent scanning activity potentially probing this flaw. Organizations should verify configurations via Palo Alto’s support portal and monitor for DoS attempts while the POC is available.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Palo Alto Networks Firewall Vulnerability Allows Attackers to Trigger Denial of Service appeared first on Cyber Security News.
Watching a streamer find their way through the digital labyrinth of some spooky game—particularly one…
OpenAI has announced a new Bio Bug Bounty program for GPT-5.5 as part of its…
In the wake of the 2024 presidential election, communities across the country are still reeling…
Though we’ve previously reported that the anime adaptation of JoJo’s Bizarre Adventure: Steel Ball Run…
200 Years Ago John Clarke, directly opposite the Meeting House in Northampton, has on hand…
LEVERETT — A middle-aged man was transported to Baystate Medical Center in Springfield with “moderate-to-severe”…
This website uses cookies.