US EditionPalo Alto patches a worrying security issue which could crash your firewall without even logging in
The flaw affects firewalls running PAN-OS 10.1+ and Prisma Access with GlobalProtect enabled; nearly 6,000 devices are tracked online by security groups, Palo Alto confirmed patch rollout.
- On Wednesday, Palo Alto Networks patched a high-severity PAN-OS flaw tracked as CVE-2026-0227 affecting PAN-OS 10.1 or later and said it had yet to find evidence of exploitation.
- A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service to the firewall. Repeated attempts result in the firewall entering maintenance mode, Palo Alto Networks explained.
- Security trackers show Shadowserver tracks nearly 6,000 exposed Palo Alto Networks firewalls, while GreyNoise warned of brute-force attempts from more than 7,000 IPs targeting GlobalProtect portals recently.
- Palo Alto Networks released security updates for all affected PAN-OS versions, urging administrators to upgrade; most Prisma Access cloud instances have been upgraded, with remaining customers scheduled promptly.
- As a widely used vendor, Palo Alto Networks serves over 70,000 customers including most largest U.S. banks and 90% of Fortune 10 companies and recently patched exploited PAN-OS zero-days in November 2024 and December 2024.
13 Articles
13 Articles
Palo Alto’s Firewall Firewall: New DoS Flaw Echoes Prior Zero-Day Chaos
In the high-stakes world of enterprise cybersecurity, Palo Alto Networks Inc. has rushed out patches for a critical denial-of-service vulnerability in its flagship firewalls, reigniting fears of widespread service disruptions just months after a nearly identical zero-day exploit rocked customers worldwide. Tracked as CVE-2026-0227, the flaw affects GlobalProtect gateways and portals in PAN-OS software versions prior to 11.1.6-h1, 11.2.3-h3, and …
Palo Alto Networks Patches PAN-OS Bug That Can Disrupt GlobalProtect
A Palo Alto Networks firewall vulnerability could let attackers disrupt remote access for organizations that depend on GlobalProtect, potentially pushing affected systems into maintenance mode and interrupting service. The flaw in PAN-OS that can be exploited by unauthenticated attackers over the network against GlobalProtect gateways and portals. The vulnerability “… enables an unauthenticated attacker to cause a denial of service (DoS) to the…
Network World
CSO OnlinePalo Alto Networks patches firewalls after discovery of a new denial-of-service flaw
Palo Alto Networks has issued patches for its PAN-OS firewall platform after a researcher uncovered a high-severity vulnerability which could be exploited by attackers to cause a denial-of-service (DoS). The flaw, identified as CVE-2026-0227 with a CVSS 7.7 (‘high’) severity rating, affects customers running PAN-OS NGFW (Next-Generation Firewall) or Prisma Access configurations with the company’s GlobalProtect remote access gateway or portal ena…
PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)
A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising the urgency for organizations to patch immediately. About CVE-2025-64155 CVE-2025-64155 may allow unauthenticated, remote attackers to execute unauthorized code or commands on vulnerable FortiSIEM deployments via specially crafted TCP requests. “This flaw targets the phMoni…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
