Cybersecurity

Palo Alto Networks Warns Of Dos Bug Letting Hackers Disable Firewalls (2026)

2026-01-15 0 views admin
Palo Alto Networks Warns Of Dos Bug Letting Hackers Disable Firewalls (2026)

Palo Alto Networks patched a high-severity vulnerability that could allow unauthenticated attackers to disable firewall protections in denial-of-service (DoS) attacks.

Tracked as CVE-2026-0227, this security flaw affects next-generation firewalls (running PAN-OS 10.1 or later) and Palo Alto Networks' Prisma Access configurations when the GlobalProtect gateway or portal is enabled.

The cybersecurity company says that most cloud-based Prisma Access instances have already been patched, with those left to be secured already scheduled for an upgrade.

"A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode," Palo Alto Networks explained.

"We have successfully completed the Prisma Access upgrade for most of the customers, with the exception of few in progress due to conflicting upgrade schedules. Remaining customers are being promptly scheduled for an upgrade through our standard upgrade process."

Internet security watchdog Shadowserver currently tracks nearly 6,000 Palo Alto Networks firewalls exposed online, though there is no information on how many have vulnerable configurations or have already been patched.

​When the security advisory was published on Wednesday, the company said it had yet to find evidence that this vulnerability was being exploited in attacks.

Palo Alto Networks has released security updates for all affected versions, and admins are advised to upgrade to the latest release to secure their systems against potential attacks.

Palo Alto Networks firewalls are often targeted in attacks, frequently using zero-day vulnerabilities that haven't been disclosed or patched.

In November 2024, Palo Alto Networks patched two actively exploited PAN-OS firewall zero-days that enabled attackers to gain root privileges. Shadowserver revealed days later that thousands of firewalls had been compromised in the campaign (even though the company said the attacks impacted only "a very small number"), while CISA ordered federal agencies to secure their devices within 3 weeks.

Source: BleepingComputer

🏷️ Tags

cybersecuritysecurityhackvulnerabilitycve

More from Cybersecurity

Security Trio Of Critical Bugs Spotted In Delta Industrial Plcs (2026)

Security Trio Of Critical Bugs Spotted In Delta Industrial Plcs (2026)

2026-01-15 0
Ftc Bans Gm From Selling Drivers' Location Data For Five Years - Full Analysis

Ftc Bans Gm From Selling Drivers' Location Data For Five Years - Full Analysis

2026-01-15 0
Microsoft Legal Action Disrupts Redvds Cybercrime Infrastructure... (2026)

Microsoft Legal Action Disrupts Redvds Cybercrime Infrastructure... (2026)

2026-01-15 0
Palo Alto Fixes Globalprotect Dos Flaw Crash Firewalls Without Login

Palo Alto Fixes Globalprotect Dos Flaw Crash Firewalls Without Login

2026-01-15 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views