Palo Alto Networks patches denial-of-service vulnerability in GlobalProtect

Palo Alto Networks has addressed a denial-of-service (DoS) vulnerability, identified as CVE-2026-0227, affecting its GlobalProtect Gateway and Portal components. This flaw could allow attackers to force firewalls into a maintenance mode, disrupting network services. The severity of the vulnerability was rated at 7.7 out of 10, classifying it as high, Tech Radar reported.

The vulnerability, present in various versions of PAN-OS software, enables an unauthenticated attacker to trigger a DoS condition. Repeated exploitation can lead to the firewall entering a mandatory maintenance mode, rendering it inoperable. Affected versions include specific releases of PAN-OS 12.1, 11.2, 11.1, 10.2, and 10.1, as well as Prisma Access 11.2 and 10.2.

The vulnerability specifically impacts configurations with an enabled GlobalProtect Gateway or Portal. Palo Alto Networks' Cloud Next-Generation Firewall (NGFW) is not affected. No workarounds are available, and patching is the only mitigation. Organizations relying on remote access VPNs must prioritize timely application of security updates to prevent potential disruptions and maintain operational integrity.

Source: Tech Radar