Security
Palo Alto Networks Exposes Critical DoS Vulnerability in Firewalls
Palo Alto Networks Addresses High-Severity Vulnerability in Firewall Protections
In a recent development, Palo Alto Networks has successfully patched a high-severity vulnerability that could potentially allow unauthenticated attackers to disrupt firewall protections through denial-of-service (DoS) attacks.
Identified as CVE-2026-0227, this security flaw impacts next-generation firewalls running PAN-OS 10.1 or later, as well as Palo Alto Networks’ Prisma Access configurations when the GlobalProtect gateway or portal is active.
The cybersecurity giant has confirmed that the majority of cloud-based Prisma Access instances have already received the necessary patches, with the remaining systems scheduled for prompt upgrades.
Palo Alto Networks elaborated, stating, “A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode.”
The company further reassured, “We have successfully completed the Prisma Access upgrade for most of the customers, with the exception of few in progress due to conflicting upgrade schedules. Remaining customers are being promptly scheduled for an upgrade through our standard upgrade process.”
As reported by the internet security watchdog Shadowserver, nearly 6,000 Palo Alto Networks firewalls are currently exposed online, although details regarding vulnerable configurations or patched systems remain undisclosed.
Following the publication of the security advisory, Palo Alto Networks affirmed that there was no evidence indicating active exploitation of the vulnerability in ongoing attacks.
Admins are strongly advised to deploy the latest security updates released by Palo Alto Networks for all affected versions to safeguard their systems against potential threats.
Recommended Solutions for Affected Versions:
| Version | Minor Version | Suggested Solution |
|---|---|---|
| Cloud NGFW All | – | No action needed. |
Palo Alto Networks firewalls have been frequent targets of cyber attacks, often exploiting zero-day vulnerabilities that are yet to be disclosed or patched.
Back in November 2024, Palo Alto Networks addressed two actively exploited PAN-OS firewall zero-days, allowing attackers to gain root privileges. Subsequent reports by Shadowserver revealed a significant number of compromised firewalls, prompting CISA to issue directives for securing federal agency devices within a limited timeframe.
In a more recent development, threat intelligence firm GreyNoise highlighted an automated campaign targeting Palo Alto GlobalProtect portals through brute-force and login attempts from over 7,000 IP addresses. GlobalProtect, a crucial VPN and remote access component of PAN-OS firewalls, is extensively utilized by government entities, service providers, and large corporations.
With a global customer base exceeding 70,000 organizations, including major U.S. financial institutions and Fortune 10 companies, Palo Alto Networks continues to play a pivotal role in cybersecurity.
As the budget season approaches, gain insights from over 300 CISOs and security leaders on their planning, spending, and priorities for the upcoming year. Download our comprehensive report to benchmark strategies, identify trends, and align your priorities for 2026.
Discover how industry leaders translate investments into tangible outcomes.
Darkness Reborn: Gothic 1 Remake set to launch on June 5th
Xiaomi 18 Phones: Exclusive Detailed Specs Revealed
Selling Your Home: Essential Tips for a Smooth Transaction
Ransomware Strikes Back: How Reynolds BYOVD Driver Outsmarts EDR Security Measures
Siri Struggles: Apple’s Roadblocks with Voice Assistant Redesign
Nostalgia for Small Phones: How Android 16 Made Me Long for Simpler Times
iOS 26.4 Update Glitches and the Buzz around iOS 27
State-Sponsored Cyber Warfare: The AI Advantage
Collaborating for Success: Implementing a Unified Operating Model in the Semiconductor Sector
EU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
Facebook Compliance: ICE-tracking Page Removed After US Government Intervention
InstaDub: Meta’s AI Translation Tool for Instagram Videos
Facebook’s New Look: A Blend of Instagram’s Style
Facebook and Instagram to Reduce Personalized Ads for European Users
Reclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
Meta discontinues Messenger apps for Windows and macOS
Breaking Updates: Meta Connect 2025 Unveils Latest Developments
Samsung S22 Ultra vs S21 / iPhone 13 Pro Max / Pixel 6 Pro / Xiaomi 12 Pro Battery Life Drain Test!
I tested the BULLETPROOF iPhone.
POCO X4 Pro Review – $250 iPhone Destroyer?
10 Million!
17 WILDEST Inventions you won’t believe are REAL.
Apple’s 2022 products are even CRAZIER than you think.
I tested the CHEAPEST Gadgets on the Internet.
I bought the THINNEST Tech in the world.
The Samsung Smartphone Scandal: Explained
-
Facebook4 months agoEU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
-
Facebook4 months agoWarning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
-
Facebook4 months agoFacebook Compliance: ICE-tracking Page Removed After US Government Intervention
-
Facebook4 months agoInstaDub: Meta’s AI Translation Tool for Instagram Videos
-
Facebook2 months agoFacebook’s New Look: A Blend of Instagram’s Style
-
Facebook2 months agoFacebook and Instagram to Reduce Personalized Ads for European Users
-
Facebook2 months agoReclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
-
Apple4 months agoMeta discontinues Messenger apps for Windows and macOS
