CVE-2026-0227 — Improper Check for Unusual or Exceptional Conditions in Palo Alto Networks Pan-os

CWE-754 — Improper Check for Unusual or Exceptional Conditions6 documents6 sources

Severity

6.6MEDIUMNVD

EPSS

0.0%

top 90.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Palo Alto Networks Prisma Access Paloaltonetworks Pan-os +3 more

Timeline

PublishedJan 15

Description

A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages6 packages

▶NVDpaloaltonetworks/pan-os10.1.0 — 10.1.14+26

▶CVEListV5palo_alto_networks/pan-os12.1.2 — 12.1.4, 12.1.3-h3+4

▶CVEListV5palo_alto_networks/prisma_access11.2 — 11.2.7-h8+1

▶Palo Altopaloalto/pan-os

▶Palo Altopaloalto/cloud_ngfw

🔴Vulnerability Details

GHSA

GHSA-5rqg-fqph-5w7w: A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall↗2026-01-15

▶

CVEList

PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal↗2026-01-15

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal↗

▶

🕵️Threat Intelligence

Bleepingcomputer

Palo Alto Networks warns of DoS bug letting hackers disable firewalls↗2026-01-15

▶

Wiz

CVE-2026-0227 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶