PatchSiren cyber security CVE debrief
CVE-2026-0243 Palo Alto Networks CVE debrief
CVE-2026-0243 is a denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices. An unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device can cause a system disruption by sending a specially crafted IPv6 packet. This vulnerability has a CVSS score of 4.9, indicating a medium severity level. The vulnerability exists due to improper handling of specially crafted IPv6 packets. Organizations should be aware of this vulnerability and take necessary precautions.
- Vendor
- Palo Alto Networks
- Product
- Prisma SD-WAN ION
- CVSS
- MEDIUM 4.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-13
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-05-13
- Advisory updated
- 2026-07-14
Who should care
Organizations using Palo Alto Networks Prisma SD-WAN ION devices, particularly those with versions 6.3.1 to 6.3.6, 6.4.1 to 6.4.3, and 6.5.1 to 6.5.3, should be aware of this vulnerability and take necessary precautions. Operators, platform administrators, vulnerability management teams, and security teams may be impacted by this vulnerability.
Technical summary
The vulnerability exists in the Prisma SD-WAN ION devices due to improper handling of specially crafted IPv6 packets. An unauthenticated attacker with network access can exploit this vulnerability to cause a system disruption, resulting in a denial of service (DoS) condition. The CVSS score for this vulnerability is 4.9, indicating a medium severity level. Affected product deployments should be identified and assessed for vulnerability.
Defensive priority
Medium
Recommended defensive actions
- Inventory and assess Prisma SD-WAN ION devices for vulnerability
- Apply vendor-provided patches or updates
- Implement compensating controls, such as network segmentation and access controls
- Monitor for suspicious network activity
- Verify and test remediation
Evidence notes
The CVE record was published on 2026-05-13T20:16:18.043Z and was last modified on 2026-07-14T16:39:30.347Z. The NVD entry is currently Analyzed. This information is based on the NVD entry and the CVE record. The vulnerability affects Palo Alto Networks Prisma SD-WAN ION devices. The evidence is limited to the information provided in the CVE record and NVD entry.
Official resources
-
CVE-2026-0243 CVE record
CVE.org
-
CVE-2026-0243 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-05-13T20:16:18.043Z and has not been modified since then. The NVD entry is currently Analyzed.