Alerts
Critical Vulnerability in Palo Alto Networks PAN-OS
27 February 2025
There have been reports of active exploitation of a critical authentication bypass vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS. Administrators of affected systems are strongly advised to update to the latest version immediately.
Palo Alto Networks has released security updates addressing a critical vulnerability (CVE-2025-0108) affecting their PAN-OS software. The vulnerability is reportedly being chained with CVE-2024-9474 and/or CVE-2025-0111 in exploitation attempts.
Successful exploitation of the authentication bypass vulnerability in the management web interface could allow an unauthenticated attacker with network access to bypass authentication and invoke certain PHP: Hypertext Preprocessor (PHP) scripts. While this does not enable remote code execution, it can negatively impact the integrity and confidentiality of PAN-OS.
The vulnerability affects the following PAN-OS versions:
PAN-OS 11.2:
Versions prior to 11.2.4-h4
Versions prior to 11.2.5
PAN-OS 11.1:
Versions prior to 11.1.2-h18
Versions prior to 11.1.4-h13
Versions prior to 11.1.6-h1
PAN-OS 10.2:
Versions prior to 10.2.7-h24
Versions prior to 10.2.8-h21
Versions prior to 10.2.9-h21
Versions prior to 10.2.10-h14
Versions prior to 10.2.11-h12
Versions prior to 10.2.12-h6
Versions prior to 10.2.13-h3
PAN-OS 10.1:
Versions prior to 10.1.14-h9
PAN-OS 11.0 is also affected by the vulnerability but has reached end of life (EoL).
Users and administrators of affected products are advised to update to the latest versions or upgrade to a supported fixed version immediately.
More information is available here: