CVE-2025-0125
Description
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.
The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses, following our recommended critical deployment guidelines: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431
This issue does not affect Cloud NGFW or Prisma® Access instances.
Related content: CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement (Severity: LOW) CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface (Severity: MEDIUM) CVE-2025-4229 PAN-OS: Traffic Infor…
Related content: CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement (Severity: LOW) CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface (Severity: MEDIUM) CVE-2025-4230 PAN-OS: Authenticated…
Affected Products
Affected Versions:
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Scoring
CVSS Score (4.0)
Data provided by ENISA EU Vulnerability Database. Last updated: April 11, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:C/RE:M/U:Amber
Advisory provided by GitHub Security Advisory Database. Published: April 11, 2025, Modified: April 11, 2025