Palo Alto Networks Cloud Services Status Page

Security & Identity · monitored by Alert24

Minor Incident

Current Status

Partially Degraded Service

Components

United States - Americas: Operational
SaaS API - North America: Operational
WildFire Global Cloud: Operational
AutoFocus: Operational
Americas - US - app.prismacloud.io: Operational
United States - Americas: Operational
AIOps-NGFW: Operational
Australia: Operational
United States - Americas: Operational
United States - East: Operational
Content Updates (Dynamic): Operational
Cloudservice: Operational
N.Virginia (us-east-1): Operational
US Central - Americas: Operational
United States - Americas: Operational
Australia: Operational
Australia: Operational
Australia: Operational
APAC (Mumbai) - Prisma SaaS: Operational
Australia: Operational

Recent Incidents

Service degradation in westus2 due to Azure cloud service issue

minor

May 29, 2026

Latest update from Azure:

Recovered Azure services: Service Bus, Storage, App Service (Web Apps), Azure Site Recovery, Virtual Machine, Virtual Machine scale set, Backup (MAB), Azure Cosmos DB, Azure Log Analytics, Application Insights, Azure Monitor, Azure Resource Manager, Data Explorer, Azure IoT Hub, Microsoft Defender for Cloud Apps, Azure Container Registry, Azure Kubernetes Service, Azure Policy, Azure NetApp Files, Azure Resource Graph, Azure Synapse, Azure Database for MySQL - Flexible Server.

Mitigation efforts are still underway to restore affected network components across dependent services, including Storage and Compute.

We are waiting for further updates from Azure.

Content 9104 Pulled Out

none

May 20, 2026 · resolved May 22

Issue Description

On May 21, 2026, customers reported their traffic being blocked due to TID 97011: “D-Link Router DHCP Hostname Command Injection Vulnerability”. The TID was designed to block OS Command Injection attempts within the hostname fields of DHCP requests. However, the signature included a broad command-matching filter that led to false positives across customer environments, as it incorrectly triggered on legitimate hostnames containing overlapping character strings.

Findings and Technical Analysis

The D-Link Router DHCP Hostname Command Injection Vulnerability (TID 97011) is an OS command injection flaw that allows command execution attempts through the DHCP Hostname fields. This vulnerability has coverage related to CVE-2025-69542 and CVE-2025-14659, such as the DIR-895LA1 which targets D-Link devices and DIR-860LB1, respectively.

Previous Detection Logic

The initial detection logic for TID 97011 included a command-filtering string within DHCP hostname fields that lacked strict boundary delimiters.

Root Cause

The false positive (FP) occurred because the signature's command-validation logic triggered against legitimate hostnames containing the targeted command string as a substring. This broad matching behavior resulted in unintended traffic disruptions for multiple customers.

Proposed Solutions & Mitigation

We improved the signature logic to make it more resilient against false positives. The updated signature has been released with content 9105-10068.

Prisma Cloud Incident [APP] - Degraded

minor

May 21, 2026 · resolved May 21

This incident has been resolved.

Cortex XDR/XSIAM/CLOUD - Sporadic issue with EDR uploads in the US region

none

May 18, 2026 · resolved May 18

We have experienced a sporadic issue impacting EDR data uploads in the US region. Cortex XDR agent local protection continues to function normally.

Cortex Gateway (GOV) is currently experiencing degraded availability affecting the GW login page. Existing active sessions are expected to remain operational.

major

May 14, 2026 · resolved May 14

This incident has been resolved.
