SQL Injection Vulnerability in Palo Alto Networks Expedition
CVE-2025-0103

9.2CRITICAL

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Expedition; Panorama; Pan-os
Vendor: CVE Published:; 11 January 2025

Badges

👾 Exploit Exists

Summary

An SQL injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to access sensitive database information. This includes revealing password hashes, usernames, device configurations, and API keys. Moreover, the flaw can be exploited to create and read arbitrary files on the Expedition system, further compromising its integrity and security. It is crucial for users of Expedition to apply security patches and follow best practices to mitigate this risk.

Affected Version(s)

Expedition 1 < 1.2.100

Cloud NGFW All

PAN-OS All

References

https://security.paloaltonetworks.com/PAN-SA-2025-0001

vendor-advisory

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Jan 11, 2025
Vulnerability published
Jan 11, 2025

Collectors

NVD DatabaseMitre Database

Credit

Mesut Cetin of RedTeamer IT Security