Full Report
Palo Alto Networks security advisory (AV26-118)
Analysis Summary
Based on the provided advisory context (AV26-118), the summary focuses on the vulnerabilities detailed in the related security bulletin entries (CVE-2026-0228 and CVE-2026-0229), as the main context document only lists the products and advisory ID.
Since the provided text does not contain the CVSS scores, technical details, exploitation status, or specific impacts for the listed CVEs, those sections will be marked as "Information not fully detailed in context."
# Vulnerability: Multiple Vulnerabilities in PAN-OS and Prisma Access (Advisory AV26-118)
## CVE Details
- CVE ID: Information not fully detailed in context (References provided for CVE-2026-0228 and CVE-2026-0229)
- CVSS Score: Information not fully detailed in context
- CWE: Information not fully detailed in context
## Affected Systems
- Products: PAN-OS, Prisma Access (on PAN-OS), Prisma Browser
- Versions:
- PAN-OS 12.1: versions prior to 12.1.4
- PAN-OS 11.2: versions prior to 11.2.8 and prior to 11.2.10 (Note: Check specific references for version discrepancies)
- PAN-OS 11.1: versions prior to 11.1.11
- PAN-OS 10.2: versions prior to 10.2.17
- Prisma Access (PAN-OS based): versions prior to 11.2.7-h10 and prior to 10.2.10-h28
- Prisma Browser: versions prior to 144.27.7.133
- Configurations: Dependent on specific CVEs (e.g., CVE-2026-0229 relates to Advanced DNS Security Feature)
## Vulnerability Description
The advisory AV26-118 aggregates multiple vulnerabilities addressed by Palo Alto Networks in February 2026. These include:
1. **CVE-2026-0228:** Improper Validation of Terminal Server Agent Certificate in PAN-OS.
2. **CVE-2026-0229:** Denial of Service (DoS) in the Advanced DNS Security Feature of PAN-OS.
3. Other vulnerabilities addressed in PAN-SA-2026-0002 (Chromium Vulnerability Update).
## Exploitation
- Status: Information not fully detailed in context (Specific exploitation status for each CVE is not provided in the summary text).
- Complexity: Information not fully detailed in context
- Attack Vector: Information not fully detailed in context
## Impact
- Confidentiality: Information not fully detailed in context
- Integrity: Information not fully detailed in context
- Availability: Information not fully detailed in context (CVE-2026-0229 explicitly mentions Denial of Service)
## Remediation
### Patches
The following patched versions are indicated as resolving the issues for the respective lines:
- PAN-OS 12.1: Update to 12.1.4 or later.
- PAN-OS 11.2: Update to 11.2.8 or 11.2.10 (or later specific versions).
- PAN-OS 11.1: Update to 11.1.11 or later.
- PAN-OS 10.2: Update to 10.2.17 or later.
- Prisma Access: Update to 11.2.7-h10 or 10.2.10-h28 (or later specific versions).
### Workarounds
- Administrators are encouraged to review the provided web links and perform suggested mitigations (specific mitigations are not detailed in this high-level summary).
## Detection
- Indicators of compromise: Information not fully detailed in context.
- Detection methods and tools: Review vendor-provided security advisories for specific IOCs related to the listed CVEs.
## References
- Vendor Advisories:
- Palo Alto Network Security Advisories: hxxps://security.paloaltonetworks.com/
- CVE-2026-0228 Details: hxxps://security.paloaltonetworks.com/CVE-2026-0228
- CVE-2026-0229 Details: hxxps://security.paloaltonetworks.com/CVE-2026-0229
- Chromium Update (PAN-SA-2026-0002): hxxps://security.paloaltonetworks.com/PAN-SA-2026-0002
- Relevant links:
- Canadian Centre for Cyber Security Advisory: hxxps://www.cyber.gc.ca/fr/alertes-avis/bulletin-securite-palo-alto-networks-av26-118