CVE-2026-0227 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal

Palo Alto Networks has disclosed a critical vulnerability, CVE-2026-0227, in PAN-OS software that allows an unauthenticated attacker to cause a denial of service (DoS) in GlobalProtect Gateway and Portal. Repeated attempts to exploit this vulnerability can force the firewall into maintenance mode. This issue affects PAN-OS NGFW or Prisma Access configurations with an enabled GlobalProtect gateway or portal. Palo Alto Networks is not aware of any malicious exploitation of this issue, but no workarounds are available. Affected versions include PAN-OS 12.1.3, 12.1.2, 11.2.x, 11.1.x, and 10.2.x.