{"id":10600,"date":"2026-02-12T10:03:47","date_gmt":"2026-02-12T10:03:47","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/02\/12\/palo-alto-networks-firewall-vulnerability-allows-an-attacker-to-force-firewalls-into-a-reboot-loop\/"},"modified":"2026-02-12T10:03:47","modified_gmt":"2026-02-12T10:03:47","slug":"palo-alto-networks-firewall-vulnerability-allows-an-attacker-to-force-firewalls-into-a-reboot-loop","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/02\/12\/palo-alto-networks-firewall-vulnerability-allows-an-attacker-to-force-firewalls-into-a-reboot-loop\/","title":{"rendered":"Palo Alto Networks Firewall Vulnerability Allows an Attacker to Force Firewalls into a Reboot Loop"},"content":{"rendered":"<p>    Palo Alto Networks Firewall Vulnerability Allows an Attacker to Force Firewalls into a Reboot Loop<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>A critical denial-of-service (DoS) flaw in Palo Alto Networks\u2019 PAN-OS software could let unauthenticated <a href=\"https:\/\/cybersecuritynews.com\/net-snmp-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">attackers crash firewalls<\/a> into endless reboot cycles, potentially crippling enterprise networks.<\/p>\n<p>Dubbed CVE-2026-0229, the vulnerability lurks in the Advanced DNS Security (ADNS) feature. An attacker sends a maliciously crafted packet to trigger a system reboot.<\/p>\n<p>Repeated exploitation forces the firewall into maintenance mode, halting traffic inspection and exposing organizations to outages. Cloud NGFW and Prisma Access remain unaffected.<\/p>\n<p>Palo Alto Networks detailed the issue in a security advisory, confirming that it affects only specific PAN-OS versions when ADNS is enabled alongside a spyware profile set to block, sinkhole, or alert traffic.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-affected-versions-and-fixes\"><strong>Affected Versions and Fixes<\/strong><\/h2>\n<figure class=\"wp-block-table\">\n<table class=\"has-fixed-layout\">\n<thead>\n<tr>\n<th>Product<\/th>\n<th>Affected Versions<\/th>\n<th>Fixed Versions<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>PAN-OS 12.1<\/td>\n<td>&lt; 12.1.4 (specifically 12.1.2\u201312.1.3)<\/td>\n<td>\u2265 12.1.4<\/td>\n<\/tr>\n<tr>\n<td>PAN-OS 11.2<\/td>\n<td>&lt; 11.2.10 (11.2.0\u201311.2.9)<\/td>\n<td>\u2265 11.2.10<\/td>\n<\/tr>\n<tr>\n<td>PAN-OS 11.1<\/td>\n<td>None<\/td>\n<td>All<\/td>\n<\/tr>\n<tr>\n<td>PAN-OS 10.2<\/td>\n<td>None<\/td>\n<td>All<\/td>\n<\/tr>\n<tr>\n<td>Cloud NGFW<\/td>\n<td>None<\/td>\n<td>All<\/td>\n<\/tr>\n<tr>\n<td>Prisma Access<\/td>\n<td>None<\/td>\n<td>All<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p>The company urges admins to upgrade vulnerable systems immediately. Older, unsupported PAN-OS versions should migrate to a patched release. No workarounds exist, and Threat Prevention signatures can\u2019t detect exploits due to the vulnerability\u2019s design.<\/p>\n<p><a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2026-0229\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Palo Alto reports no known exploitation<\/a> in the wild. Still, security experts warn of risks in high-traffic environments. \u201cDoS flaws like this can cascade into major disruptions, especially if chained with other attacks. Organizations relying on Palo Alto for perimeter defense must prioritize patching.<\/p>\n<p>Firewalls with ADNS form a key line of defense against DNS-based threats, making this exposure particularly concerning for enterprises blocking malicious domains. Admins should verify configurations and scan for unpatched systems via Palo Alto\u2019s support portal.<\/p>\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 94%,rgb(169,184,195) 100%)\"><strong>Follow us on <a href=\"https:\/\/news.google.com\/publications\/CAAqMggKIixDQklTR3dnTWFoY0tGV041WW1WeWMyVmpkWEpwZEhsdVpYZHpMbU52YlNnQVAB?hl=en-IN&amp;gl=IN&amp;ceid=IN:en\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Google News<\/a>, <a href=\"https:\/\/www.linkedin.com\/company\/cybersecurity-news\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">LinkedIn<\/a>, and <a href=\"https:\/\/x.com\/cyber_press_org\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">X<\/a> for daily cybersecurity updates. <a href=\"https:\/\/cybersecuritynews.com\/contact-us\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Contact us<\/a> to feature your stories.<\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/palo-alto-networks-firewall-reboot-loop\/\">Palo Alto Networks Firewall Vulnerability Allows an Attacker to Force Firewalls into a Reboot Loop<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Guru Baran<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/palo-alto-networks-firewall-reboot-loop\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Palo Alto Networks Firewall Vulnerability Allows an Attacker to Force Firewalls into a Reboot Loop A critical denial-of-service (DoS) flaw in Palo Alto Networks\u2019 PAN-OS software could let unauthenticated attackers crash firewalls into endless reboot cycles, potentially crippling enterprise networks. Dubbed CVE-2026-0229, the vulnerability lurks in the Advanced DNS Security (ADNS) feature. An attacker sends [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-10600","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10600"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=10600"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10600\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=10600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=10600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=10600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}