Palo Alto PAN-OS Multiple vulnerabilities

Last Update Date: 19 Feb 2025 Release Date: 13 Feb 2025

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in Palo Alto PAN-OS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, data manipulation and security restriction bypass on the targeted system.

Note:

Exploitation in the wild has been detected for CVE-2025-0108, which enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by that interface and invoke certain PHP scripts. Hence, the risk level is rated as High Risk.

[Updated on 2025-02-19]

Updated the description and changed the risk level to High.


Impact

  • Remote Code Execution
  • Data Manipulation
  • Security Restriction Bypass

System / Technologies affected

  • PAN-OS 10.1 versions earlier than PAN-OS 10.1.14-h9
  • PAN-OS 10.2 versions earlier than PAN-OS 10.2.13-h3
  • PAN-OS 11.1 versions earlier than PAN-OS 11.1.6-h1
  • PAN-OS 11.2 versions earlier than PAN-OS 11.2.4-h4
  • PAN-OS OpenConfig Plugin versions earlier than 2.1.2
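
The PAN-OS thresholds above can be checked against a firewall inventory with a short script. This is an added example, not code from the advisory or the vendor; it assumes versions order numerically by major, minor, maintenance and then hotfix number (no `-hN` suffix counted as hotfix 0), so an "affected" result is a prompt to confirm against the vendor advisory. The hostnames and inventory are constructed, and the OpenConfig plugin is not covered.

```python
import re

# Fixed versions per release branch, copied from the affected list above.
FIXED = {"10.1": "10.1.14-h9", "10.2": "10.2.13-h3",
         "11.1": "11.1.6-h1", "11.2": "11.2.4-h4"}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_version(text):
    """Return (major, minor, maintenance, hotfix); no '-hN' suffix means 0."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)

def is_affected(version):
    """True or False for a listed branch, None if the branch is not listed."""
    parsed = parse_version(version)
    fixed = FIXED.get(f"{parsed[0]}.{parsed[1]}")
    if fixed is None:
        return None  # branch not on this page: draw no conclusion
    # Assumption: tuple order matches release order within a branch.
    return parsed < parse_version(fixed)

def triage(inventory):
    """Map hostname -> 'affected', 'at or above fix', 'not listed', 'unparsed'."""
    labels = {True: "affected", False: "at or above fix", None: "not listed"}
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = labels[is_affected(version)]
        except ValueError:
            report[host] = "unparsed"  # surface bad inventory data, do not skip
    return report

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {"fw-edge-1": "10.1.14-h9", "fw-edge-2": "10.2.13",
          "fw-dc-1": "11.1.6", "fw-dc-2": "11.2.5",
          "fw-lab": "11.0.3", "fw-old": "unknown"}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {SAMPLE[host]} -> {status}")
```
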

Solutions

Before installing the software, please visit the vendor website for more details.


Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link