Primary

Context

Palo Alto Networks PAN-OS Denial-of-Service Vulnerability in Advanced DNS Security Feature

Vulnerability

Patched

A denial-of-service vulnerability has been identified in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS software. This vulnerability allows an unauthenticated attacker to cause system reboots by sending maliciously crafted packets. Repeated attempts to trigger a reboot can cause the firewall to enter maintenance mode. This issue affects PAN-OS versions 12.1.2 prior to 12.1.4 and 11.2.0 prior to 11.2.10. Cloud NGFW and Prisma Access are not impacted.

Impact

Exploitation of this vulnerability leads to unauthorized system reboots, causing the firewall to enter maintenance mode.

Remediation

Users can upgrade to PAN-OS 12.1.4 or later, or to PAN-OS 11.2.10 or later. For all older unsupported PAN-OS versions, upgrading to a supported fixed version is recommended.

Added: Feb 11, 2026, 6:19 PM

Updated: Feb 11, 2026, 6:19 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

7.3

remediation

7.7

relevance

2.8

threat

0.0

urgency

5.7

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

7.3

remediation

7.7

relevance

2.8

threat

0.0

urgency

5.7

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Palo Alto Networks PAN-OS Denial-of-Service Vulnerability in Advanced DNS Security Feature

Vulnerability

Impact

Remediation

Affected Products

Palo Alto Networks PAN-OS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating