Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-4231

UNKNOWN
Published 2025-06-12T23:27:31.432Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-4231. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.

The attacker must have network access to the management web interface and successfully authenticate to exploit this issue.

Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Understanding This Vulnerability

This Common Vulnerabilities and Exposures (CVE) entry provides detailed information about a security vulnerability that has been publicly disclosed. CVEs are standardized identifiers assigned by MITRE Corporation to track and catalog security vulnerabilities across software and hardware products.

The severity rating (UNKNOWN) indicates the potential impact of this vulnerability based on the CVSS (Common Vulnerability Scoring System) framework. Higher severity ratings typically indicate vulnerabilities that could lead to more significant security breaches if exploited. Security teams should prioritize remediation efforts based on severity, exploit availability, and the EPSS (Exploit Prediction Scoring System) score, which predicts the likelihood of exploitation in the wild.

If this vulnerability affects products or systems in your infrastructure, we recommend reviewing the affected products section, checking for available patches or updates from vendors, and implementing recommended workarounds or solutions until a permanent fix is available. Organizations should also monitor security advisories and threat intelligence feeds for updates about active exploitation of this vulnerability.

Available Exploits

No exploits available for this CVE.

Related News

CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability (Severity: LOW)

Related content: CVE-2025-4232 GlobalProtect: Authenticated Code Injection Through Wildcard on macOS (Severity: MEDIUM) CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability (Severity: LOW) CVE-2025-4231 PAN-OS: Authenticated Admin Command Inject…

Paloaltonetworks.com 2025-08-11 16:30
Read More
CVE-2025-4231 PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface (Severity: MEDIUM)

Related content: CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement (Severity: LOW) CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface (Severity: MEDIUM) CVE-2025-4229 PAN-OS: Traffic Infor…

Paloaltonetworks.com 2025-06-11 16:00
Read More

Affected Products

Palo Alto Networks

Cloud NGFW

Affected Versions:

All
Palo Alto Networks

PAN-OS

Affected Versions:

11.2.0 11.1.0 11.0.0 10.2.0 10.1.0
Palo Alto Networks

Prisma Access

Affected Versions:

All

References

https://security.paloaltonetworks.com/CVE-2025-4231 (CNA)

Workarounds

Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431

* Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices

Solutions

Version
Minor Version
Suggested Solution
PAN-OS 11.2
No action needed.PAN-OS 11.1
No action needed.
PAN-OS 11.0*

11.0.0 through 11.0.2
Upgrade to 11.0.3 or later.

PAN-OS 10.2

10.2.0 through 10.2.7
Upgrade to 10.2.8 or later.
PAN-OS 10.1Upgrade to 10.2.8 or 11.0.3 or later.All older
unsupported
PAN-OS versions Upgrade to a supported fixed version.
*PAN-OS 11.0 has reached EoL. We listed it here for completeness because a patch for PAN-OS 11.0 was released before it reached EoL. If you are still using any vulnerable EoL versions, we strongly recommend that you upgrade to a supported fixed PAN-OS version.

Credits & Acknowledgments

finder

spcnvdr

Timeline

Initial Publication

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

Malicious code in bioql (PyPI)

Affected Products (ENISA)

palo alto networks
cloud ngfw

ENISA Scoring

CVSS Score (4.0)

8.6
/10
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber

EPSS Score

0.370
probability

ENISA References

https://security.paloaltonetworks.com/CVE-2025-4231
https://nvd.nist.gov/vuln/detail/CVE-2025-4231

Data provided by ENISA EU Vulnerability Database. Last updated: October 3, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-vm6c-rqg9-5qqr

Advisory Details

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-4231
WEB https://security.paloaltonetworks.com/CVE-2025-4231

Advisory provided by GitHub Security Advisory Database. Published: June 13, 2025, Modified: October 22, 2025

References

https://security.paloaltonetworks.com/CVE-2025-4231
Published: 2025-06-12T23:27:31.432Z
Last Modified: 2025-06-13T13:32:58.253Z
Copied to clipboard!