Jan 15, 2026Ravie LakshmananNetwork Safety / Vulnerability
Palo Alto Networks has launched safety updates for a high-severity safety flaw impacting GlobalProtect Gateway and Portal, for which it stated there exists a proof-of-concept (PoC) exploit.
The vulnerability, tracked as CVE-2026-0227 (CVSS rating: 7.7), has been described as a denial-of-service (DoS) situation impacting GlobalProtect PAN-OS software program arising because of an improper verify for distinctive situations (CWE-754)
“A vulnerability in Palo Alto Networks PAN-OS software program allows an unauthenticated attacker to trigger a denial-of-service (DoS) to the firewall,” the corporate stated in an advisory launched Wednesday. “Repeated makes an attempt to set off this concern end result within the firewall coming into into upkeep mode.”
The difficulty, found and reported by an unnamed exterior researcher, impacts the next variations –
PAN-OS 12.1 < 12.1.3-h3, < 12.1.4
PAN-OS 11.2 < 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2
PAN-OS 11.1 < 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13
PAN-OS 10.2 < 10.2.7-h32, < 10.2.10-h30, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1
PAN-OS 10.1 < 10.1.14-h20
Prisma Entry 11.2 < 11.2.7-h8
Prisma Entry 10.2 < 10.2.10-h29
Palo Alto Networks additionally clarified that the vulnerability is relevant solely to PAN-OS NGFW or Prisma Entry configurations with an enabled GlobalProtect gateway or portal. The corporate’s Cloud Subsequent-Era Firewall (NGFW) just isn’t impacted. There aren’t any workarounds to mitigate the flaw.
Whereas there isn’t any proof that the vulnerability has been exploited within the wild, it is important to maintain the units up-to-date, particularly provided that uncovered GlobalProtect gateways have witnessed repeated scanning exercise over the previous yr.
