Improper Check for Unusual or Exceptional Conditions in Palo Alto PAN-OS - CVE-2026-0287

 

Improper Check for Unusual or Exceptional Conditions in Palo Alto PAN-OS - CVE-2026-0287

Published: July 10, 2026


Vulnerability identifier: #VU137318
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-0287
CWE-ID: CWE-754
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Palo Alto PAN-OS

Detailed vulnerability description

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to improper check for unusual or exceptional conditions in network traffic processing on the dataplane interface when processing specially crafted network traffic sent to or through a dataplane interface. A remote attacker can send specially crafted network traffic to cause a denial of service.

Repeated attempts to trigger the issue result in the firewall entering maintenance mode. Panorama is not impacted.


How to mitigate CVE-2026-0287

Install security update from vendor's website.

Sources