CVE-2026-0229
published 2026-02-11CVE-2026-0229: A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker…
PriorityP344medium6.6CVSS 4.0
AVNACLATNPRNUINVCNVINVAHSCNSINSANEUCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUYRUVDREMUAmber
EPSS
0.56%
42.4th percentile
A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.
Cloud NGFW and Prisma Access® are not impacted by this vulnerability.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 11.2.0 < 11.2.10 | 11.2.10 |
| palo_alto_networks | pan-os | >= 12.1.0 < 12.1.4 | 12.1.4 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os_firewall | — | — |
| paloalto | panorama | — | — |
| paloalto | prisma_access | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cpfh-q3v8-wj73: A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated
ghsa_unreviewed·2026-02-11
CVE-2026-0229 [MEDIUM] CWE-754 GHSA-cpfh-q3v8-wj73: A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated
A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.
Cloud NGFW and Prisma Access® are not impacted by this vulnerability.
Palo Alto
PAN-OS: Denial of Service in Advanced DNS Security Feature
vendor_paloalto·CVSS 6.6
CVE-2026-0229 [MEDIUM] CWE-754 PAN-OS: Denial of Service in Advanced DNS Security Feature
PAN-OS: Denial of Service in Advanced DNS Security Feature
A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.
Panorama, Cloud NGFW, and Prisma Access® are not impacted by this vulnerability.
Affected products: Cloud NGFW , PAN-OS Firewall, Panorama, Prisma Access
Solution: VERSION MINOR VERSION SUGGESTED SOLUTION
Cloud NGFW All No action needed.
PAN-OS 12.1 12.1.2 through 12.1.3 Upgrade to 12.1.4 or later.
PAN-OS 11.2 11.2.0 through 11.2.9 Upgrade to 11.2.10 or later.
PAN-OS 11.1 No action needed.
PAN-OS 10.2 No action needed.
All ol
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-02-11
Published