{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0229", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-11-03T20:43:50.406Z", "datePublished": "2026-02-11T17:56:09.270Z", "dateUpdated": "2026-02-11T18:58:48.926Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Cloud NGFW", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"cpes": ["cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "12.1.4", "status": "unaffected"}], "lessThan": "12.1.4", "status": "affected", "version": "12.1.0", "versionType": "custom"}, {"changes": [{"at": "11.2.10", "status": "unaffected"}], "lessThan": "11.2.10", "status": "affected", "version": "11.2.0", "versionType": "custom"}, {"changes": [{"at": "11.1.11", "status": "unaffected"}], "lessThan": "11.1.11", "status": "unaffected", "version": "11.1.0", "versionType": "custom"}, {"changes": [{"at": "10.2.17", "status": "unaffected"}], "lessThan": "10.2.17", "status": "unaffected", "version": "10.2.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Prisma Access", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "11.2.7-h10", "status": "unaffected"}, {"at": "10.2.10-h28", "status": "unaffected"}], "lessThan": "10.2.10-h28", "status": "unaffected", "version": "All", "versionType": "custom"}]}], "configurations": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The firewall must have Advanced DNS Security (ADNS) enabled and a spyware profile with actions configured to block, sinkhole, or alert (i.e., any non-allow value)."}], "value": "The firewall must have Advanced DNS Security (ADNS) enabled and a spyware profile with actions configured to block, sinkhole, or alert (i.e., any non-allow value)."}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*", "versionEndExcluding": "12.1.4", "versionStartIncluding": "12.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*", "versionEndExcluding": "11.2.10", "versionStartIncluding": "11.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "an internal reporter, jliu@TikkalaSecurity,"}], "datePublic": "2026-02-11T17:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.<br><br>Cloud NGFW and Prisma Access\u00ae are not impacted by this vulnerability."}], "value": "A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\nCloud NGFW and Prisma Access\u00ae are not impacted by this vulnerability."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.6, "baseSeverity": "MEDIUM", "exploitMaturity": "UNREPORTED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2026-02-11T17:56:09.270Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2026-0229"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All</td><td>&nbsp;</td><td>No action needed.&nbsp;</td></tr><tr>\n <td>PAN-OS 12.1<br></td>\n <td>12.1.2 through 12.1.3</td>\n <td>Upgrade to 12.1.4 or later.</td>\n </tr><tr>\n <td>PAN-OS 11.2<br></td>\n <td>11.2.0 through 11.2.9</td>\n <td>Upgrade to 11.2.10 or later.</td>\n </tr><tr><td>PAN-OS 11.1<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 10.2<br></td><td></td><td>No action needed.</td></tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access All</td><td></td><td>No action needed.</td></tr></tbody></table>"}], "value": "VERSION MINOR VERSION SUGGESTED SOLUTION\nCloud NGFW All \u00a0 No action needed.\u00a0\nPAN-OS 12.1 12.1.2 through 12.1.3 Upgrade to 12.1.4 or later.\nPAN-OS 11.2 11.2.0 through 11.2.9 Upgrade to 11.2.10 or later.\nPAN-OS 11.1 No action needed.\nPAN-OS 10.2 No action needed.\nAll older \u00a0 Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access All No action needed."}], "source": {"discovery": "INTERNAL"}, "timeline": [{"lang": "en", "time": "2026-02-11T17:00:00.000Z", "value": "Initial Publication"}], "title": "PAN-OS: Denial of Service in Advanced DNS Security Feature", "workarounds": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No known workarounds exist for this issue. Due to the nature of this vulnerability, a Threat Prevention Signature to detect this is also not possible.&nbsp;"}], "value": "No known workarounds exist for this issue. Due to the nature of this vulnerability, a Threat Prevention Signature to detect this is also not possible."}], "x_affectedList": ["PAN-OS 12.1.3-h3", "PAN-OS 12.1.3-h1", "PAN-OS 12.1.3", "PAN-OS 12.1.2", "PAN-OS 11.2.9", "PAN-OS 11.2.8", "PAN-OS 11.2.7-h10", "PAN-OS 11.2.7-h8", "PAN-OS 11.2.7-h7", "PAN-OS 11.2.7-h4", "PAN-OS 11.2.7-h3", "PAN-OS 11.2.7-h2", "PAN-OS 11.2.7-h1", "PAN-OS 11.2.7", "PAN-OS 11.2.6", "PAN-OS 11.2.5", "PAN-OS 11.2.4-h15", "PAN-OS 11.2.4-h14", "PAN-OS 11.2.4-h12", "PAN-OS 11.2.4-h11", "PAN-OS 11.2.4-h10", "PAN-OS 11.2.4-h9", "PAN-OS 11.2.4-h8", "PAN-OS 11.2.4-h7", "PAN-OS 11.2.4-h6", "PAN-OS 11.2.4-h5", "PAN-OS 11.2.4-h4", "PAN-OS 11.2.4-h3", "PAN-OS 11.2.4-h2", "PAN-OS 11.2.4-h1", "PAN-OS 11.2.4", "PAN-OS 11.2.3-h5", "PAN-OS 11.2.3-h4", "PAN-OS 11.2.3-h3", "PAN-OS 11.2.3-h2", "PAN-OS 11.2.3-h1", "PAN-OS 11.2.3", "PAN-OS 11.2.2-h2", "PAN-OS 11.2.2-h1", "PAN-OS 11.2.1-h1", "PAN-OS 11.2.1", "PAN-OS 11.2.0-h1", "PAN-OS 11.2.0"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-11T18:30:06.401502Z", "id": "CVE-2026-0229", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T18:58:48.926Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-0229", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-11T18:30:06.401502Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T18:58:42.955Z"}}], "cna": {"title": "PAN-OS: Denial of Service in Advanced DNS Security Feature", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "an internal reporter, jliu@TikkalaSecurity,"}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 6.6, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:D/RE:M/U:Amber", "exploitMaturity": "UNREPORTED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "Cloud NGFW", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*"], "vendor": "Palo Alto Networks", "product": "PAN-OS", "versions": [{"status": "affected", "changes": [{"at": "12.1.4", "status": "unaffected"}], "version": "12.1.0", "lessThan": "12.1.4", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "11.2.10", "status": "unaffected"}], "version": "11.2.0", "lessThan": "11.2.10", "versionType": "custom"}, {"status": "unaffected", "changes": [{"at": "11.1.11", "status": "unaffected"}], "version": "11.1.0", "lessThan": "11.1.11", "versionType": "custom"}, {"status": "unaffected", "changes": [{"at": "10.2.17", "status": "unaffected"}], "version": "10.2.0", "lessThan": "10.2.17", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "Prisma Access", "versions": [{"status": "unaffected", "changes": [{"at": "11.2.7-h10", "status": "unaffected"}, {"at": "10.2.10-h28", "status": "unaffected"}], "version": "All", "lessThan": "10.2.10-h28", "versionType": "custom"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2026-02-11T17:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "eng", "value": "VERSION MINOR VERSION SUGGESTED SOLUTION\nCloud NGFW All \u00a0 No action needed.\u00a0\nPAN-OS 12.1 12.1.2 through 12.1.3 Upgrade to 12.1.4 or later.\nPAN-OS 11.2 11.2.0 through 11.2.9 Upgrade to 11.2.10 or later.\nPAN-OS 11.1 No action needed.\nPAN-OS 10.2 No action needed.\nAll older \u00a0 Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access All No action needed.", "supportingMedia": [{"type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All</td><td>&nbsp;</td><td>No action needed.&nbsp;</td></tr><tr>\n <td>PAN-OS 12.1<br></td>\n <td>12.1.2 through 12.1.3</td>\n <td>Upgrade to 12.1.4 or later.</td>\n </tr><tr>\n <td>PAN-OS 11.2<br></td>\n <td>11.2.0 through 11.2.9</td>\n <td>Upgrade to 11.2.10 or later.</td>\n </tr><tr><td>PAN-OS 11.1<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 10.2<br></td><td></td><td>No action needed.</td></tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access All</td><td></td><td>No action needed.</td></tr></tbody></table>", "base64": false}]}], "datePublic": "2026-02-11T17:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2026-0229", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "eng", "value": "No known workarounds exist for this issue. Due to the nature of this vulnerability, a Threat Prevention Signature to detect this is also not possible.", "supportingMedia": [{"type": "text/html", "value": "No known workarounds exist for this issue. Due to the nature of this vulnerability, a Threat Prevention Signature to detect this is also not possible.&nbsp;", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\nCloud NGFW and Prisma Access\u00ae are not impacted by this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.<br><br>Cloud NGFW and Prisma Access\u00ae are not impacted by this vulnerability.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions"}]}], "configurations": [{"lang": "eng", "value": "The firewall must have Advanced DNS Security (ADNS) enabled and a spyware profile with actions configured to block, sinkhole, or alert (i.e., any non-allow value).", "supportingMedia": [{"type": "text/html", "value": "The firewall must have Advanced DNS Security (ADNS) enabled and a spyware profile with actions configured to block, sinkhole, or alert (i.e., any non-allow value).", "base64": false}]}], "x_affectedList": ["PAN-OS 12.1.3-h3", "PAN-OS 12.1.3-h1", "PAN-OS 12.1.3", "PAN-OS 12.1.2", "PAN-OS 11.2.9", "PAN-OS 11.2.8", "PAN-OS 11.2.7-h10", "PAN-OS 11.2.7-h8", "PAN-OS 11.2.7-h7", "PAN-OS 11.2.7-h4", "PAN-OS 11.2.7-h3", "PAN-OS 11.2.7-h2", "PAN-OS 11.2.7-h1", "PAN-OS 11.2.7", "PAN-OS 11.2.6", "PAN-OS 11.2.5", "PAN-OS 11.2.4-h15", "PAN-OS 11.2.4-h14", "PAN-OS 11.2.4-h12", "PAN-OS 11.2.4-h11", "PAN-OS 11.2.4-h10", "PAN-OS 11.2.4-h9", "PAN-OS 11.2.4-h8", "PAN-OS 11.2.4-h7", "PAN-OS 11.2.4-h6", "PAN-OS 11.2.4-h5", "PAN-OS 11.2.4-h4", "PAN-OS 11.2.4-h3", "PAN-OS 11.2.4-h2", "PAN-OS 11.2.4-h1", "PAN-OS 11.2.4", "PAN-OS 11.2.3-h5", "PAN-OS 11.2.3-h4", "PAN-OS 11.2.3-h3", "PAN-OS 11.2.3-h2", "PAN-OS 11.2.3-h1", "PAN-OS 11.2.3", "PAN-OS 11.2.2-h2", "PAN-OS 11.2.2-h1", "PAN-OS 11.2.1-h1", "PAN-OS 11.2.1", "PAN-OS 11.2.0-h1", "PAN-OS 11.2.0"], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "12.1.4", "versionStartIncluding": "12.1.2"}, {"criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "11.2.10", "versionStartIncluding": "11.2.0"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2026-02-11T17:56:09.270Z"}}}, "cveMetadata": {"cveId": "CVE-2026-0229", "state": "PUBLISHED", "dateUpdated": "2026-02-11T18:58:48.926Z", "dateReserved": "2025-11-03T20:43:50.406Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2026-02-11T17:56:09.270Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS\u00ae software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\nCloud NGFW and Prisma Access\u00ae are not impacted by this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en la funci\u00f3n Advanced DNS Security (ADNS) del software PAN-OS\u00ae de Palo Alto Networks permite a un atacante no autenticado iniciar reinicios del sistema utilizando un paquete maliciosamente dise\u00f1ado. Los intentos repetidos de iniciar un reinicio hacen que el cortafuegos entre en modo de mantenimiento.\n\nCloud NGFW y Prisma Access\u00ae no se ven afectados por esta vulnerabilidad."}], "id": "CVE-2026-0229", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2026-02-11T18:16:07.897", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2026-0229"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "product": "cloud_ngfw", "vendor": "palo_alto_networks"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[12.1.0,12.1.4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[11.2.0,11.2.10)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[11.1.0,11.1.11)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[10.2.0,10.2.17)"}}], "product": "pan-os", "vendor": "palo_alto_networks"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "product": "prisma_access", "vendor": "palo_alto_networks"}], "analysis": {"en": {"generated_at": "2026-04-17T20:17:32.835785+00:00", "value": {"mitigation_remediation": ["Upgrade PAN\u2011OS\u202f12.1 firmware to\u202f12.1.4 or later if running\u202f12.1.2\u201112.1.3.", "Upgrade PAN\u2011OS\u202f11.2 firmware to\u202f11.2.10 or later if running\u202f11.2.0\u201111.2.9.", "If using any older or unsupported PAN\u2011OS release, migrate to the latest supported version that includes the fix."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service via forced system reboots"}, "threat_synthesis": {"affected_systems": "Products affected are Palo Alto Networks PAN\u2011OS firmware versions 11.2.0 through 11.2.9 and 12.1.2 through 12.1.3. Cloud NGFW and Prisma Access are not impacted. Users running these firmware ranges should consider the vendor\u2011recommended updates: for PAN\u2011OS 12.1, upgrade to 12.1.4 or later; for PAN\u2011OS 11.2, upgrade to 11.2.10 or later; all older, unsupported PAN\u2011OS releases should be moved to a supported fixed version.", "description_and_impact": "A denial\u2011of\u2011service flaw exists in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN\u2011OS. An unauthenticated attacker can send a specially crafted packet that forces the firewall to reboot. Repeated attempts can lock the device into maintenance mode, rendering it unavailable. The flaw maps to CWE\u2011754, which concerns the use of remote input to cause a denial of service.", "risk_and_exploitability": "The CVSS base score of 6.6 indicates a moderate severity, and the EPSS score, while low (<1%), confirms that the vulnerability is not currently widely exploited. Because the issue requires an unauthenticated network packet, the most likely attack vector would be an insider or adversary gaining network access to the ADNS interface. Once exploited, the attacker can force ongoing reboots and lock the device, causing a denial of service. The vulnerability is not listed in the CISA KEV catalog, implying no publicly confirmed exploits at the time of writing."}}}}, "created": "2026-02-11T21:37:43.840868+00:00", "updated": "2026-04-17T20:30:15.804496+00:00", "vendors": ["palo_alto_networks", "palo_alto_networks$PRODUCT$cloud_ngfw", "palo_alto_networks$PRODUCT$pan-os", "palo_alto_networks$PRODUCT$prisma_access"]}