Authentication Bypass in Palo Alto Networks PAN-OS Software
CVE-2025-0108

5.9 MEDIUM

Key Information:

Vendor
CVE Published: 12 February 2025

Badges

  • 🔥 Trending now
  • 🥇 Trended No. 1
  • 📈 Trended
  • 📈 Score: 16,300
  • 💰 Ransomware
  • 👾 Exploit Exists
  • 🟡 Public PoC
  • 🦅 CISA Reported
  • 📰 News Worthy

What is CVE-2025-0108?

CVE-2025-0108 is a significant security vulnerability found in Palo Alto Networks' PAN-OS software, which is primarily used for network security management in various enterprise environments. This vulnerability allows unauthenticated attackers with network access to the management web interface to bypass standard authentication mechanisms, potentially allowing them to invoke specific PHP scripts. While this flaw does not enable remote code execution, it poses serious risks to the integrity and confidentiality of the systems using PAN-OS, making organizations vulnerable to unauthorized access and manipulation.

Technical Details

The vulnerability is characterized as an authentication bypass within the PAN-OS management interface. It affects devices that utilize this operating system, which is integral for managing firewall functionalities and other security features in network appliances. By bypassing authentication, an attacker can interact with the system without the necessary credentials, targeting the management functionalities of PAN-OS directly. This flaw emphasizes the critical need for secure management access, as attackers could potentially exploit it to achieve elevated access levels on vulnerable systems.

Potential Impact of CVE-2025-0108

  1. Data Integrity Risks: The vulnerability allows unauthorized access to management features, which can compromise the integrity of security policies and data stored within the PAN-OS system. Attackers could manipulate configurations, leading to unauthorized changes in network security settings.

  2. Confidentiality Breach: Since the vulnerability exposes a pathway to access sensitive management functions, it may lead to unauthorized viewing or extraction of confidential information managed by PAN-OS, putting organizational data at risk.

  3. Increased Attack Surface: With the ability to bypass authentication, the potential for malicious actors to conduct further attacks increases. Attackers could explore additional vulnerabilities within the network infrastructure, leading to a cascade of security breaches and further exploitation.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified this one as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace, as recent news articles suggest the vulnerability is being used by ransomware groups.

CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

PAN-OS 10.1.0 < 10.1.14-h9

PAN-OS 10.2.0 < 10.2.7-h24

PAN-OS 11.1.0 < 11.1.6-h1
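
An inventory check against the ranges listed above, as an added example that is not part of the original page or any vendor tooling: it parses PAN-OS version strings, including the `-hN` hotfix suffix, and flags releases that fall inside a listed range. The function names and the sample inventory are hypothetical; the ranges are copied from this page, and the vendor advisory remains authoritative for release trains or fixed releases not listed here.

```python
import re

# Affected ranges exactly as listed on this page: (first affected, first fixed).
AFFECTED_RANGES = [
    ("10.1.0", "10.1.14-h9"),
    ("10.2.0", "10.2.7-h24"),
    ("11.1.0", "11.1.6-h1"),
]
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos_version(text):
    """Parse 'major.minor.maintenance[-hN]' into a comparable 4-tuple.
    A release without a hotfix suffix gets hotfix 0, so it sorts before
    every hotfix of the same maintenance release.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    return tuple(int(part or 0) for part in m.groups())


def is_affected(version):
    """True/False for a release train listed above, None for an unlisted one."""
    v = parse_panos_version(version)
    for start, fixed in AFFECTED_RANGES:
        lo, hi = parse_panos_version(start), parse_panos_version(fixed)
        if v[:2] == lo[:2]:  # same major.minor release train
            return lo <= v < hi
    return None  # the page gives no range for this train


def triage(inventory):
    """Map {host: version} to {host: 'AFFECTED' | 'ok' | 'unlisted' | 'unparsed'}."""
    labels = {True: "AFFECTED", False: "ok", None: "unlisted"}
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = labels[is_affected(version)]
        except ValueError:
            result[host] = "unparsed"
    return result


if __name__ == "__main__":
    # Constructed sample inventory; hostnames are placeholders.
    sample = {"fw-a": "10.2.7-h3", "fw-b": "10.2.7-h24", "fw-c": "11.1.6", "fw-f": "11.1.x"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Hosts reported as `unlisted` or `unparsed` need a manual check against the vendor advisory rather than being treated as safe.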

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.

News Articles

SonicWall, Palo Alto Networks flaws under attack, added to CISA list

The critical SonicOS SSLVPN flaw and high-severity PAN-OS flaw both risk authentication bypass.

1 day ago

Palo Alto confirms exploitation of critical vulnerability

Palo Alto strongly recommends that all organizations with Internet-facing PAN-OS administrator interfaces review configurations

1 day ago

Palo Alto warns another major firewall hack has been detected

Hackers are chaining three flaws to mount attacks on PAN-OS firewalls

1 day ago

CVSS V4

Score: 5.9
Severity: MEDIUM
Confidentiality: High
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • 💰 Used in Ransomware

  • 🥇 Vulnerability reached the number 1 worldwide trending spot

  • 🦅 CISA Reported

  • 📈 Vulnerability started trending

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • 📰 First article discovered by WJBF

  • Vulnerability published

  • Vulnerability Reserved

Credit

Adam Kues - Assetnote Security Research Team
our Deep Product Security Research Team.