Denial-of-Service Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2026-0229

6.6MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 11 February 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0229?

The PAN-OS software by Palo Alto Networks contains a denial-of-service vulnerability in its Advanced DNS Security (ADNS) feature. An unauthenticated attacker can exploit this vulnerability by sending specially crafted packets that trigger unauthorized system reboots. If this is done repeatedly, it may cause the firewall to enter maintenance mode, disrupting service availability. It’s crucial for users to apply the necessary security updates to protect their systems from potential attacks, as Cloud NGFW and Prisma Access services remain unaffected.

Affected Version(s)

PAN-OS 12.1.0 < 12.1.4

PAN-OS 11.2.0 < 11.2.10

Cloud NGFW All

References

https://security.paloaltonetworks.com/CVE-2026-0229

vendor-advisory

CVSS V4

Score:

6.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Feb 11, 2026
Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Nov 3, 2025

Credit

an internal reporter, jliu@TikkalaSecurity,

CVE-2026-0229 Data

JSON