Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls With out Login

Ravie LakshmananJan 15, 2026Community Safety / Vulnerability

Palo Alto Networks has launched safety updates for a high-severity safety flaw impacting GlobalProtect Gateway and Portal, for which it mentioned there exists a proof-of-concept (PoC) exploit.

The vulnerability, tracked as CVE-2026-0227 (CVSS rating: 7.7), has been described as a denial-of-service (DoS) situation impacting GlobalProtect PAN-OS software program arising because of an improper verify for distinctive situations (CWE-754)

“A vulnerability in Palo Alto Networks PAN-OS software program allows an unauthenticated attacker to trigger a denial-of-service (DoS) to the firewall,” the corporate mentioned in an advisory launched Wednesday. “Repeated makes an attempt to set off this challenge consequence within the firewall coming into into upkeep mode.”

The problem, found and reported by an unnamed exterior researcher, impacts the next variations –

• PAN-OS 12.1 < 12.1.3-h3, < 12.1.4
• PAN-OS 11.2 < 11.2.4-h15, < 11.2.7-h8, < 11.2.10-h2
• PAN-OS 11.1 < 11.1.4-h27, < 11.1.6-h23, < 11.1.10-h9, < 11.1.13
• PAN-OS 10.2 < 10.2.7-h32, < 10.2.10-h30, < 10.2.13-h18, < 10.2.16-h6, < 10.2.18-h1
• PAN-OS 10.1 < 10.1.14-h20
• Prisma Entry 11.2 < 11.2.7-h8
• Prisma Entry 10.2 < 10.2.10-h29

Palo Alto Networks additionally clarified that the vulnerability is relevant solely to PAN-OS NGFW or Prisma Entry configurations with an enabled GlobalProtect gateway or portal. The corporate’s Cloud Subsequent-Era Firewall (NGFW) shouldn’t be impacted. There are not any workarounds to mitigate the flaw.

Whereas there is no such thing as a proof that the vulnerability has been exploited within the wild, it is important to maintain the units up-to-date, particularly on condition that uncovered GlobalProtect gateways have witnessed repeated scanning exercise over the previous 12 months.