Palo Alto Networks has launched security updates for a high-severity security flaw impacting GlobalProtect Gateway and Portal, for which it stated there exists a proof-of-concept (PoC) exploit.
The vulnerability, tracked as CVE-2026-0227 (CVSS rating: 7.7), has been described as a denial-of-service (DoS) situation impacting GlobalProtect PAN-OS software program arising because of an improper examine for distinctive situations (CWE-754)
“A vulnerability in Palo Alto Networks PAN-OS software program permits an unauthenticated attacker to trigger a denial-of-service (DoS) to the firewall,” the corporate stated in an advisory launched Wednesday. “Repeated makes an attempt to set off this concern end result within the firewall coming into into upkeep mode.”
The problem, found and reported by an unnamed exterior researcher, impacts the next variations –
- PAN-OS 12.1 < 12.1.3-h3, < 12.1.4
- PAN-OS 11.2 < 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2
- PAN-OS 11.1 < 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13
- PAN-OS 10.2 < 10.2.7-h32, < 10.2.10-h30, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1
- PAN-OS 10.1 < 10.1.14-h20
- Prisma Entry 11.2 < 11.2.7-h8
- Prisma Entry 10.2 < 10.2.10-h29
Palo Alto Networks additionally clarified that the vulnerability is relevant solely to PAN-OS NGFW or Prisma Entry configurations with an enabled GlobalProtect gateway or portal. The corporate’s Cloud Subsequent-Technology Firewall (NGFW) shouldn’t be impacted. There are not any workarounds to mitigate the flaw.
Whereas there is no such thing as a proof that the vulnerability has been exploited within the wild, it is important to maintain the units up-to-date, particularly provided that uncovered GlobalProtect gateways have witnessed repeated scanning exercise over the previous 12 months.
