Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-4230

UNKNOWN
Published 2025-06-12T23:30:15.781Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-4230. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.

The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.

Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Available Exploits

No exploits available for this CVE.

Related News

CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App (Severity: MEDIUM)

Related content: PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025) (Severity: HIGH) CVE-2025-0135 GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App (Severity: LOW) CVE-2025-4230 PAN-OS: Authenticated Admin Command …

Paloaltonetworks.com 2025-07-09 16:00
Read More
CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability (Severity: LOW)

Related content: PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025) (Severity: HIGH) CVE-2025-0135 GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App (Severity: LOW) CVE-2025-4230 PAN-OS: Authenticated Admin Command …

Paloaltonetworks.com 2025-07-09 16:00
Read More
CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability (Severity: LOW)

Related content: CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement (Severity: LOW) CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface (Severity: MEDIUM) CVE-2025-4230 PAN-OS: Authenticated…

Paloaltonetworks.com 2025-06-11 16:00
Read More
CVE-2025-4230 PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI (Severity: MEDIUM)

Related content: CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement (Severity: LOW) CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface (Severity: MEDIUM) CVE-2025-4229 PAN-OS: Traffic Infor…

Paloaltonetworks.com 2025-06-11 16:00
Read More

Affected Products

Palo Alto Networks

Cloud NGFW

Affected Versions:

All
Palo Alto Networks

PAN-OS

Affected Versions:

11.2.0 11.1.0 10.2.0 10.1.0
Palo Alto Networks

Prisma Access

Affected Versions:

All

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.

The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.

Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Affected Products (ENISA)

palo alto networks
pan-os

ENISA Scoring

CVSS Score (4.0)

8.4
/10
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/R:U/V:D/U:Amber

EPSS Score

0.170
probability

ENISA References

https://security.paloaltonetworks.com/CVE-2025-4230
https://nvd.nist.gov/vuln/detail/CVE-2025-4230

Data provided by ENISA EU Vulnerability Database. Last updated: June 13, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-hg7r-cqcx-pf83

Advisory Details

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:D/RE:X/U:Amber

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-4230
WEB https://security.paloaltonetworks.com/CVE-2025-4230

Advisory provided by GitHub Security Advisory Database. Published: June 13, 2025, Modified: June 13, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

1 post
Reddit 1 month ago
MauriceTorres
Exploit PoC

𝐓𝐨𝐝𝐚𝐲'𝐬 𝐏𝐚𝐭𝐜𝐡 𝐓𝐮𝐞𝐬𝐝𝐚𝐲 𝐨𝐯𝐞𝐫𝐯𝐢𝐞𝐰 • Microsoft has addressed 𝟏𝟑𝟕 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬, 𝐧𝐨 𝐳𝐞𝐫𝐨-𝐝𝐚𝐲𝐬, 𝟏𝟒 𝐜𝐫𝐢𝐭𝐢𝐜𝐚𝐥 and 𝐨𝐧𝐞 𝐰𝐢𝐭𝐡 𝐏𝐨𝐂 • Third-party: web browsers, Linux Sudo, Citrix NetScaler, Cisco, WordPress, WinRAR, Brother printers, GitHub, Teleport, Veeam, Grafana, Palo Alto Networks, and Trend Micro. Navigate to 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐃𝐢𝐠𝐞𝐬𝐭 𝐟𝐫𝐨𝐦 𝐀𝐜𝐭𝐢𝐨𝐧𝟏 for comprehensive summary …

Also mentions: CVE-2025-20309 CVE-2025-6554 CVE-2025-6463 CVE-2024-51978 CVE-2025-32463 CVE-2025-32462 CVE-2024-51977 CVE-2025-20282 CVE-2025-20281 CVE-2025-49212 CVE-2025-23121 CVE-2025-49825 CVE-2025-49220 CVE-2025-5777 CVE-2025-4232 CVE-2025-4231 CVE-2025-33053 CVE-2025-4123 CVE-2025-3509
11
11.0
View Original High Risk

References

https://security.paloaltonetworks.com/CVE-2025-4230
Published: 2025-06-12T23:30:15.781Z
Last Modified: 2025-06-13T13:32:41.271Z
Copied to clipboard!