{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-0262/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["PAN-OS","Prisma Access"],"_cs_severities":["medium"],"_cs_tags":["dos","denial of service","CVE-2026-0262"],"_cs_type":"advisory","_cs_vendors":["Palo Alto Networks"],"content_html":"\u003cp\u003eMultiple denial of service vulnerabilities exist in Palo Alto Networks PAN-OS software. An unauthenticated attacker with network access can exploit these vulnerabilities (CVE-2026-0262) to cause a denial-of-service (DoS) condition. The vulnerabilities are triggered by sending specially crafted network traffic to the affected PAN-OS device. Panorama and Cloud NGFW are not affected. These vulnerabilities impact multiple versions of PAN-OS, including 10.2, 11.1, 11.2, and 12.1. Palo Alto Networks internally discovered these issues.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a vulnerable PAN-OS firewall exposed to network traffic.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts malicious network traffic specifically designed to exploit the parsing vulnerabilities.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the crafted network traffic to the vulnerable PAN-OS firewall.\u003c/li\u003e\n\u003cli\u003eThe PAN-OS device attempts to parse the malicious traffic.\u003c/li\u003e\n\u003cli\u003eDue to improper checks for unusual or exceptional conditions (CWE-754) during parsing, the device\u0026rsquo;s resources are consumed.\u003c/li\u003e\n\u003cli\u003eThe device experiences a denial-of-service condition, impacting network availability.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-0262 can lead to a denial-of-service (DoS) condition on affected Palo Alto Networks PAN-OS firewalls. This can disrupt network services, impacting business operations and potentially leading to financial losses. While Palo Alto Networks is unaware of any malicious exploitation, the CVSS score indicates high availability impact if exploited.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade PAN-OS to the fixed versions specified in the Palo Alto Networks advisory to remediate CVE-2026-0262.\u003c/li\u003e\n\u003cli\u003eCustomers with a Threat Prevention subscription can enable Threat IDs 510011, 510015, 510022 (HTTP traffic only), and 510023 to block attacks targeting CVE-2026-0262. Note that SSL Decryption is required for these Threat IDs.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for patterns indicative of denial-of-service attacks, focusing on potentially malformed packets.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2026-0262 Possible DoS Attack\u003c/code\u003e to identify potential exploitation attempts based on suspicious network connections to PAN-OS devices.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-13T16:03:39Z","date_published":"2026-05-13T16:03:39Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-0262-panos-dos/","summary":"Unauthenticated attackers can cause a denial of service (DoS) condition on Palo Alto Networks PAN-OS firewalls by sending specially crafted network traffic, as described in CVE-2026-0262.","title":"CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-0262-panos-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — CVE-2026-0262","version":"https://jsonfeed.org/version/1.1"}