Authenticated File Read Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2025-0111
Key Information:
- Vendor: Palo Alto Networks
- CVE Published: 12 February 2025
Summary
This vulnerability in Palo Alto Networks PAN-OS allows an authenticated attacker with access to the management web interface to read files on the filesystem that are readable by the 'nobody' user. An attacker who can leverage this access could expose sensitive information. To mitigate the risk, restrict access to the management web interface to trusted internal IP addresses, following the recommended deployment best practices. This issue does not affect Cloud NGFW or Prisma Access software.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified this one as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.
CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
PAN-OS 10.1.0 < 10.1.14-h9
PAN-OS 10.2.0 < 10.2.7-h24
PAN-OS 11.1.0 < 11.1.6-h1
News Articles
U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog.
22 hours ago
Palo Alto warns another major firewall hack has been detected
Hackers are chaining three flaws to mount attacks on PAN-OS firewalls
2 days ago
Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks
Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls.
2 days ago
Timeline
- CISA Reported
- First article discovered by Security Affairs
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved