CoreTechDaily

Palo Alto Addresses Critical DoS Vulnerability in GlobalProtect Products

Palo Alto Networks has patched a high-severity vulnerability in its GlobalProtect Gateway and Portal that could lead to Denial of Service attacks.

Updated Jan 15, 2026
Tags:securityPalo AltoVPNcybersecurityGlobalProtect
Palo Alto Addresses Critical DoS Vulnerability in GlobalProtect Products
Andrew Wallace

Andrew Wallace

Professional Tech Editor

Focuses on professional-grade hardware, software, and enterprise solutions.

  • Palo Alto patched CVE-2026-0227, a DoS flaw in GlobalProtect Gateway and Portal
  • Vulnerability could force firewalls into maintenance mode; severity rated 7.7/10
  • Cloud NGFW unaffected; patches required as no workarounds exist, no abuse reported yet

Palo Alto Networks has resolved a significant vulnerability affecting some of its products, which could allow attackers to execute Denial of Service (DoS) attacks, putting the compromised systems into maintenance mode.

In a recent security advisory, the company disclosed a DoS vulnerability in its GlobalProtect Gateway and Portal, which are key components of its remote access VPN system.

This vulnerability, identified as CVE-2026-0227, has been assigned a severity score of 7.7 out of 10.

Vulnerable Versions and Workarounds

The advisory states, "A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue result in the firewall entering maintenance mode."

Below is the complete list of affected product versions:

PAN-OS 12.1 < 12.1.3-h3, < 12.1.4

PAN-OS 11.2 < 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2

PAN-OS 11.1 < 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13

PAN-OS 10.2 < 10.2.7-h32, < 10.2.10-h30, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1

PAN-OS 10.1 < 10.1.14-h20

Prisma Access 11.2 < 11.2.7-h8

Prisma Access 10.2 < 10.2.10-h29

Palo Alto emphasized that the vulnerability can only be exploited on PAN-OS NGFW or Prisma Access configurations with an enabled GlobalProtect Gateway or Portal.

The Cloud Next-Generation Firewall (NGFW) remains unaffected, and currently, there are no known workarounds to mitigate this flaw. The only solution is to apply the provided patch.

The company noted, "We have successfully completed the Prisma Access upgrade for most customers, with a few still in progress due to conflicting upgrade schedules. Remaining customers are being promptly scheduled for an upgrade through our standard upgrade process."

At this time, there is no evidence of exploitation in the wild.

Via The Hacker News

React to this story

Related Posts

Understanding the Risks of Hijacked .arpa Domains in Phishing Scams

Mar 2, 2026

Understanding the Risks of Hijacked .arpa Domains in Phishing Scams

Learn how hackers exploit .arpa domains for phishing attacks, and what you can do to protect yourself.

How Cybercriminals Are Using Women for Social Engineering Scams

Mar 2, 2026

How Cybercriminals Are Using Women for Social Engineering Scams

Discover how cybercriminals are recruiting women to enhance their social engineering scams, offering significant pay and targeting major companies.

Concerns Over Lovable's Malware-Ridden Apps: What Users Need to Know

Mar 2, 2026

Concerns Over Lovable's Malware-Ridden Apps: What Users Need to Know

Lovable's coding service faces accusations of hosting malware, prompting developers to reassess their app security practices.

How Cloud Migration Supports AI Opportunities for Businesses

Mar 1, 2026

How Cloud Migration Supports AI Opportunities for Businesses

Explore the critical steps in cloud migration that enable businesses to leverage AI effectively, including governance and security.