Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up

CVE-2025-0108

UNKNOWN
Published 2025-02-12T20:55:34.610Z
Actions:
No CVSS data available

Description

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.

You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

This issue does not affect Cloud NGFW or Prisma Access software.

Available Exploits

No exploits available for this CVE.

Related News

Palo Alto Firewalls Under Attack As Miscreants Chain Flaws For Root Access

A recently patched Palo Alto Networks vulnerability (CVE-2025-0108) is being actively exploited alongside two older flaws (CVE-2024-9474 and CVE-2025-0111), allowing attackers to gain root access to unpatched firewalls. The Register reports: This story starts…

Slashdot.org 2025-02-19 21:40
Read More
Palo Alto Networks tags new firewall bug as exploited in attacks

Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach devices in active attacks. [...]

BleepingComputer 2025-02-19 15:38
Read More
Attackers are chaining flaws to breach Palo Alto Networks firewalls

Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now sees 25 malicious IPs actively exploiting CVE-2025-…

Help Net Security 2025-02-19 08:50
Read More
CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0108 Palo Alto PAN-OS Authentication Bypass Vulnerability CVE-2024-53704 SonicWall SonicOS SSLVPN Improper …

Cisa.gov 2025-02-18 12:00
Read More

Affected Products

Palo Alto Networks

Cloud NGFW

Affected Versions:

All
Palo Alto Networks

PAN-OS

Affected Versions:

10.1.0 10.2.0 11.1.0 11.2.0
Palo Alto Networks

Prisma Access

Affected Versions:

All

Known Exploited Vulnerability

This vulnerability is actively being exploited in the wild

View KEV Details

Remediation Status

Overdue

Due Date

March 11, 2025

Added to KEV

February 18, 2025

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Product

Vendor/Project: Palo Alto Networks
Product: PAN-OS

Ransomware Risk

Known Ransomware Use
KEV Catalog Version: 2025.02.20 Released: February 20, 2025

References

https://security.paloaltonetworks.com/CVE-2025-0108
Published: 2025-02-12T20:55:34.610Z
Last Modified: 2025-04-03T15:30:48.771Z
Copied to clipboard!