Palo Alto Networks released a security advisory about a DoS vulnerability in its PAN-OS software, particularly in the Advanced DNS Security feature. The vulnerability, identified as CVE-2026-0229, has a CVSSv4 score of 6.6 and may allow unauthenticated attackers to cause firewalls to restart repeatedly, leading to maintenance mode.
The vulnerability highlights the fragility of specialized security features when faced with malformed data. By sending a “maliciously crafted packet,” an attacker can trigger a system crash without ever logging in.
The vulnerability comes from the way the ADNS feature handles certain network packets. The advisory explains the mechanism of the attack simply: “A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet.”
Not all Palo Alto Networks firewalls are vulnerable; the risk depends on specific configurations.
ADNS Enabled: The firewall must have the Advanced DNS Security feature turned on.
Spyware Profile: It must also have a spyware profile configured with actions set to “block, sinkhole, or alert (i.e., any non-allow value)”.
If these conditions are met, the system is vulnerable. Fortunately, Cloud NGFW and Prisma Access are not impacted by this issue. Palo Alto Networks has issued patches for the affected PAN-OS versions.
Administrators should check their software version and apply the following updates:
PAN-OS 12.1: Upgrade to 12.1.4 or later (Affected: < 12.1.4).
PAN-OS 11.2: Upgrade to 11.2.10 or later (Affected: < 11.2.10).
Versions 11.1, 10.2, and Prisma Access are completely unaffected.
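The exposure conditions and fixed releases above can be applied as a triage check across a firewall inventory. The Python below is an added example, not code from Palo Alto Networks or the advisory; the inventory rows and function names are constructed for illustration, and it assumes a hotfix suffix such as `-h1` does not change whether a release is affected.

```python
import re

# Fixed maintenance release per affected train, from the article above.
FIXED = {(12, 1): 4, (11, 2): 10}
# PAN-OS version strings look like "11.2.9" or "11.2.9-h1" (hotfix suffix).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h\d+)?$")

def parse_version(text):
    """Return (major, minor, maintenance) as integers."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognized PAN-OS version: {text!r}")
    return tuple(int(g) for g in m.groups())

def version_affected(text):
    """True if the release is below the fixed release of an affected train."""
    major, minor, maint = parse_version(text)
    fixed = FIXED.get((major, minor))
    # Compare as integers: as strings, "11.2.10" would sort before "11.2.9".
    # Assumption: the hotfix suffix is ignored, since the article names only
    # maintenance releases as fixed.
    return fixed is not None and maint < fixed

def assess(platform, version, adns_enabled, spyware_actions):
    """Classify one firewall against the article's conditions."""
    if platform in ("Cloud NGFW", "Prisma Access"):
        return "not impacted"
    if not version_affected(version):
        return "version not affected"
    # Both conditions must hold: ADNS on, and a non-allow spyware action.
    non_allow = any(a.lower() != "allow" for a in spyware_actions)
    if adns_enabled and non_allow:
        return "vulnerable"
    return "affected version, conditions not met"

# Constructed sample inventory (name, platform, version, ADNS, actions).
INVENTORY = [
    ("edge-1", "PAN-OS", "11.2.9-h1", True, ["sinkhole"]),
    ("edge-2", "PAN-OS", "11.2.10", True, ["block"]),
    ("core-1", "PAN-OS", "12.1.3", True, ["allow"]),
    ("branch-1", "PAN-OS", "10.2.13", True, ["block"]),
    ("cloud-1", "Prisma Access", "n/a", True, ["block"]),
]

def triage(inventory):
    return {name: assess(*rest) for name, *rest in inventory}

if __name__ == "__main__":
    for name, status in triage(INVENTORY).items():
        print(f"{name}: {status}")
```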