Description
A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Cloud NGFW and Prisma Access® are not impacted by this vulnerability.
Scores
CVSS v4
6.6
EPSS
0.0003
EPSS Percentile
7.5%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:D/RE:M/U:Amber
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-754
Status
published
Products (6)
Palo Alto Networks/Cloud NGFW
All
Palo Alto Networks/PAN-OS
10.2.0 - 10.2.17
Palo Alto Networks/PAN-OS
11.1.0 - 11.1.11
Palo Alto Networks/PAN-OS
11.2.0 - 11.2.10
Palo Alto Networks/PAN-OS
12.1.0 - 12.1.4
Palo Alto Networks/Prisma Access
All - 10.2.10-h28
Published
Feb 11, 2026
Tracked Since
Feb 18, 2026