CVE-2026-0243 | THREATINT

Description

A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.

PUBLISHED Reserved 2025-11-03 | Published 2026-05-13 | Updated 2026-05-14 | Assigner palo_alto

MEDIUM: 4.9CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:U/AU:Y/R:U/V:D/RE:M/U:Amber

Problem types

CWE-606 Unchecked Input for Loop Condition

Product status

Default status

unaffected

6.5.0 (custom) before 25.3.3

affected

6.4.0 (custom) before 25.1.8

affected

6.3.0 (custom) before 24.3.6

affected

6.1.0 (custom)

unaffected

5.6.0 (custom)

unaffected

Timeline

2026-05-13:

Initial publication.

Credits

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue. other

References

security.paloaltonetworks.com/CVE-2026-0243 vendor-advisory

cve.org (CVE-2026-0243)

nvd.nist.gov (CVE-2026-0243)

Download JSON