Palo Alto Networks PAN-OS Denial-of-Service Vulnerability Allowing Firewall Reboot

Vulnerability

A denial-of-service vulnerability has been identified in Palo Alto Networks PAN-OS software. It allows an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. When the reboot is triggered repeatedly, the firewall enters maintenance mode. The issue affects PA-Series firewalls, VM-Series firewalls, and Prisma Access, but does not impact Cloud NGFW. It is present in PAN-OS 10.2, 11.1, and 11.2, within specific sub-version ranges of each.

Impact

Exploitation of this vulnerability causes the firewall to reboot and enter maintenance mode.

Remediation

Users can upgrade to PAN-OS 11.2.4-h4 or 11.2.5, or to PAN-OS 10.2.13-h3 or 10.2.14. For Prisma Access, upgrade to 11.2.4-h4 or 10.2.10-h14. Users on older, unsupported PAN-OS versions should upgrade to a supported fixed version.
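
The following Python script is an added example, not code from the vendor or from this page's source. It triages an inventory of reported versions against the fixed builds listed above. The status names, the `INVENTORY` sample, and the two "later build keeps the fix" rules are assumptions made for illustration; a `needs-upgrade` result should be confirmed against the vendor advisory's affected ranges, which this page does not list.

```python
import re

# Fixed builds copied from the Remediation section, keyed by release train.
# Each build is (maintenance, hotfix); hotfix 0 is the base maintenance release.
FIXED = {
    "pan-os": {(11, 2): [(4, 4), (5, 0)], (10, 2): [(13, 3), (14, 0)]},
    "prisma-access": {(11, 2): [(4, 4)], (10, 2): [(10, 14)]},
}
AFFECTED_TRAINS = {(10, 2), (11, 1), (11, 2)}  # trains the page names as affected
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse(version):
    """Split '10.2.13-h3' into ((10, 2), (13, 3)); reject anything else."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    major, minor, maint, hotfix = (int(g or 0) for g in m.groups())
    return (major, minor), (maint, hotfix)


def triage(version, product="pan-os"):
    train, (maint, hotfix) = parse(version)
    if train not in AFFECTED_TRAINS:
        return "train-not-listed"
    fixes = FIXED[product].get(train)
    if not fixes:
        return "no-fix-listed"  # e.g. 11.1: affected, but no fixed build on the page
    for fixed_maint, fixed_hotfix in fixes:
        # Assumption: a later hotfix of the same maintenance release keeps the fix.
        if maint == fixed_maint and hotfix >= fixed_hotfix:
            return "fixed"
        # Assumption: maintenance releases after a listed base release keep the fix.
        if fixed_hotfix == 0 and maint > fixed_maint:
            return "fixed"
    return "needs-upgrade"


# Constructed inventory for illustration: (hostname, product, reported version).
INVENTORY = [
    ("fw-edge-01", "pan-os", "11.2.4-h3"),
    ("fw-edge-02", "pan-os", "11.2.5"),
    ("fw-dc-01", "pan-os", "10.2.13-h3"),
    ("fw-lab-01", "pan-os", "11.1.6"),
    ("pa-tenant", "prisma-access", "10.2.10-h14"),
]

if __name__ == "__main__":
    for host, product, version in INVENTORY:
        print(f"{host:12} {product:14} {version:12} {triage(version, product)}")
```

Prisma Access entries are matched only against the exact hotfix lines listed for it, so other Prisma Access builds report `needs-upgrade` until checked by hand.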

Added: Nov 13, 2025, 9:19 PM
Updated: Nov 13, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm

Spread: 5.7
Impact: 2.5
Exploitability: 7.0
Remediation: 7.7
Relevance: 1.0
Threat: 0.0
Urgency: 5.7
Incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.