CVE-2026-0229 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-0229 PUBLISHED CVSS 6.599999904632568 MEDIUM

A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

EPSS 0.03% · 7.0th percentile

Risk Scores

CVSS v4.0

6.599999904632568

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:D/RE:M/U:Amber

EPSS Score

0.03%

7.0th percentile

Affected Products

Vendor	Product	Versions
Palo Alto Networks	PAN-OS	12.1.0, 11.2.0, 11.1.0
Palo Alto Networks	Prisma Access	All
Palo Alto Networks	Cloud NGFW	All
palo_alto_networks	pan-os	12.1.2, 11.2.0

Timeline

Nov 3, 2025 CVE ID Reserved
Feb 11, 2026 CVE Published
Feb 11, 2026 PoC Published
Feb 11, 2026 CVE Updated
Feb 11, 2026 PoC Published
Feb 11, 2026 PoC Published
Feb 12, 2026 EPSS Score
Feb 12, 2026 PoC Published
Feb 12, 2026 PoC Published
Feb 12, 2026 PoC Published
Feb 13, 2026 EPSS Score
Feb 13, 2026 PoC Published

References

https://security.paloaltonetworks.com/CVE-2026-0229 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-0229 advisory
https://security.paloaltonetworks.com/PAN-SA-2026-0002 advisory
https://security.paloaltonetworks.com/CVE-2026-0228 advisory

Open in Interactive Console →