diff --git a/polkadot/runtime/parachains/src/paras/mod.rs b/polkadot/runtime/parachains/src/paras/mod.rs
index 78bbc4992504bd857764604639a7099af67aec7b..1388f7c19af5497a0a042af5ae5864079faca583 100644
--- a/polkadot/runtime/parachains/src/paras/mod.rs
+++ b/polkadot/runtime/parachains/src/paras/mod.rs
@@ -709,6 +709,8 @@ pub mod pallet {
 		CannotUpgradeCode,
 		/// Invalid validation code size.
 		InvalidCode,
+		/// The given code is not authorized.
+		NotAuthorizedCode,
 	}
 
 	/// All currently active PVF pre-checking votes.
@@ -1202,12 +1204,14 @@ pub mod pallet {
 		) -> DispatchResultWithPostInfo {
 			// no need to ensure, anybody can do this
 
-			// check `new_code` is authorized
-			let Some(authorized_code_hash) = AuthorizedCodeHash::<T>::take(&para) else {
-				return Err(Error::<T>::CannotUpgradeCode.into())
-			};
-			let new_code_hash = new_code.hash();
-			ensure!(new_code_hash == authorized_code_hash, Error::<T>::CannotUpgradeCode);
+			// Ensure `new_code` is authorized
+			if let Some(authorized_code_hash) = AuthorizedCodeHash::<T>::take(&para) {
+				if new_code.hash() != authorized_code_hash {
+					return Err(Error::<T>::NotAuthorizedCode.into());
+				}
+			} else {
+				return Err(Error::<T>::NotAuthorizedCode.into());
+			}
 
 			// TODO: FAIL-CI - more validations?
 
diff --git a/polkadot/runtime/parachains/src/paras/tests.rs b/polkadot/runtime/parachains/src/paras/tests.rs
index 61324632f6b84ddfee32e3ff32f77f6580804ead..2eb1bf593b28fc7f9e45a9b1b98758ff8097fe3f 100644
--- a/polkadot/runtime/parachains/src/paras/tests.rs
+++ b/polkadot/runtime/parachains/src/paras/tests.rs
@@ -2041,7 +2041,7 @@ fn authorize_and_apply_set_current_code_works() {
 				para_a,
 				code_1.clone()
 			),
-			Error::<Test>::CannotUpgradeCode,
+			Error::<Test>::NotAuthorizedCode,
 		);
 
 		// non-root user cannot authorize
@@ -2066,7 +2066,7 @@ fn authorize_and_apply_set_current_code_works() {
 				para_a,
 				code_2.clone()
 			),
-			Error::<Test>::CannotUpgradeCode,
+			Error::<Test>::NotAuthorizedCode,
 		);
 		assert_eq!(AuthorizedCodeHash::<Test>::get(para_a), Some(code_1_hash));
 		assert!(CurrentCodeHash::<Test>::get(para_a).is_none());
@@ -2111,7 +2111,7 @@ fn authorize_and_apply_set_current_code_works() {
 				para_a,
 				code_1.clone()
 			),
-			Error::<Test>::CannotUpgradeCode,
+			Error::<Test>::NotAuthorizedCode,
 		);
 		assert_err!(
 			Paras::apply_authorized_force_set_current_code(
@@ -2119,7 +2119,7 @@ fn authorize_and_apply_set_current_code_works() {
 				para_a,
 				code_2.clone()
 			),
-			Error::<Test>::CannotUpgradeCode,
+			Error::<Test>::NotAuthorizedCode,
 		);
 
 		// apply just authorized