{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-0229","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","state":"PUBLISHED","assignerShortName":"palo_alto","dateReserved":"2025-11-03T20:43:50.406Z","datePublished":"2026-02-11T17:56:09.270Z","dateUpdated":"2026-02-11T18:58:48.926Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Cloud NGFW","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"All","versionType":"custom"}]},{"cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"PAN-OS","vendor":"Palo Alto Networks","versions":[{"changes":[{"at":"12.1.4","status":"unaffected"}],"lessThan":"12.1.4","status":"affected","version":"12.1.0","versionType":"custom"},{"changes":[{"at":"11.2.10","status":"unaffected"}],"lessThan":"11.2.10","status":"affected","version":"11.2.0","versionType":"custom"},{"changes":[{"at":"11.1.11","status":"unaffected"}],"lessThan":"11.1.11","status":"unaffected","version":"11.1.0","versionType":"custom"},{"changes":[{"at":"10.2.17","status":"unaffected"}],"lessThan":"10.2.17","status":"unaffected","version":"10.2.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Prisma Access","vendor":"Palo Alto Networks","versions":[{"changes":[{"at":"11.2.7-h10","status":"unaffected"},{"at":"10.2.10-h28","status":"unaffected"}],"lessThan":"10.2.10-h28","status":"unaffected","version":"All","versionType":"custom"}]}],"configurations":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"The firewall must have Advanced DNS Security (ADNS) enabled and a spyware profile with actions configured to block, sinkhole, or alert (i.e., any non-allow value)."}],"value":"The firewall must have Advanced DNS Security (ADNS) enabled and a spyware profile with actions configured to block, sinkhole, or alert (i.e., any non-allow value)."}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.4","versionStartIncluding":"12.1.2","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.10","versionStartIncluding":"11.2.0","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"credits":[{"lang":"en","type":"finder","value":"an internal reporter, jliu@TikkalaSecurity,"}],"datePublic":"2026-02-11T17:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.

Cloud NGFW and Prisma Access® are not impacted by this vulnerability."}],"value":"A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\nCloud NGFW and Prisma Access® are not impacted by this vulnerability."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"impacts":[{"capecId":"CAPEC-153","descriptions":[{"lang":"en","value":"CAPEC-153 Input Data Manipulation"}]}],"metrics":[{"cvssV4_0":{"Automatable":"YES","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":6.6,"baseSeverity":"MEDIUM","exploitMaturity":"UNREPORTED","privilegesRequired":"NONE","providerUrgency":"AMBER","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"DIFFUSE","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:D/RE:M/U:Amber","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2026-02-11T17:56:09.270Z"},"references":[{"tags":["vendor-advisory"],"url":"https://security.paloaltonetworks.com/CVE-2026-0229"}],"solutions":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"\n \n \n \n \n \n \n \n
Version
Minor Version
Suggested Solution
Cloud NGFW All No action needed. 
PAN-OS 12.1
12.1.2 through 12.1.3Upgrade to 12.1.4 or later.
PAN-OS 11.2
11.2.0 through 11.2.9Upgrade to 11.2.10 or later.
PAN-OS 11.1
No action needed.
PAN-OS 10.2
No action needed.
All older
unsupported
PAN-OS versions		 Upgrade to a supported fixed version.
Prisma Access AllNo action needed.
"}],"value":"VERSION MINOR VERSION SUGGESTED SOLUTION\nCloud NGFW All   No action needed. \nPAN-OS 12.1 12.1.2 through 12.1.3 Upgrade to 12.1.4 or later.\nPAN-OS 11.2 11.2.0 through 11.2.9 Upgrade to 11.2.10 or later.\nPAN-OS 11.1 No action needed.\nPAN-OS 10.2 No action needed.\nAll older   Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access All No action needed."}],"source":{"discovery":"INTERNAL"},"timeline":[{"lang":"en","time":"2026-02-11T17:00:00.000Z","value":"Initial Publication"}],"title":"PAN-OS: Denial of Service in Advanced DNS Security Feature","workarounds":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"No known workarounds exist for this issue. Due to the nature of this vulnerability, a Threat Prevention Signature to detect this is also not possible. "}],"value":"No known workarounds exist for this issue. Due to the nature of this vulnerability, a Threat Prevention Signature to detect this is also not possible."}],"x_affectedList":["PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0"],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-02-11T18:30:06.401502Z","id":"CVE-2026-0229","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-11T18:58:48.926Z"}}]}}