Palo Alto Networks warns of DoS bug letting hackers disable firewalls

Source: BleepingComputer

Author: Sergiu Gatlan

URL: https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-dos-bug-letting-hackers-disable-firewalls/

ONE SENTENCE SUMMARY:

Palo Alto Networks fixed a high-severity vulnerability affecting firewalls, advising upgrades to prevent potential denial-of-service attacks.

MAIN POINTS:

1. A high-severity vulnerability (CVE-2026-0227) affects next-gen firewalls with GlobalProtect enabled.
2. Vulnerability allows unauthenticated attackers to perform denial-of-service (DoS) attacks.
3. Most cloud-based Prisma Access instances have been patched with ongoing updates for remaining systems.
4. Nearly 6,000 firewalls are exposed online, with some configurations potentially still vulnerable.
5. No current evidence of the vulnerability being exploited in attacks.
6. Security updates are released, advising admins to upgrade to the latest versions.
7. Suggested upgrades for PAN-OS and Prisma Access versions ensure system security.
8. Palo Alto Networks firewalls have been previously targeted using zero-day vulnerabilities.
9. Recent threats include automated campaigns targeting GlobalProtect portals with brute-force attempts.
10. Palo Alto products are widely used by major U.S. banks and Fortune 10 companies.

TAKEAWAYS:

1. Ensure firewalls are updated to the recommended software versions promptly.
2. Monitor for ongoing threats targeting Palo Alto Networks’ products.
3. Recognize the critical importance of regular security updates.
4. Large enterprises and banks heavily rely on Palo Alto Networks’ security solutions.
5. GlobalProtect portals remain a common target for cyberattacks.