Palo Alto PAN-OS Information Disclosure Vulnerability

Release Date: 21 Feb 2025 752 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability was identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger information disclosure on the targeted system.

 

Note:

 

CVE-2025-0111 is being exploited in the wild. Exploitation of CVE-2025-0111 will cause an authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.

Impact

  • Information Disclosure

System / Technologies affected

  • PAN-OS 10.1 versions < 10.1.14-h9
  • PAN-OS 10.2 versions < 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
  • PAN-OS 11.1 versions < 11.1.2-h18, < 11.1.6-h1
  • PAN-OS 11.2 versions < 11.2.4-h4

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Vulnerability Identifier

Source

Related Link

Related Tags

Palo Alto NetworksInformation DisclosureExploit In The WildPAN-OS

Share with

Previous

Cisco AsyncOS Security Restriction Bypass Vulnerability

21 Feb 2025 545 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY