Denial of Service Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Feature
CVE-2025-0114

8.2HIGH

Key Information:

Vendor
CVE Published:
12 March 2025

Badges

👾 Exploit Exists

Summary

A Denial of Service vulnerability within the GlobalProtect feature of Palo Alto Networks PAN-OS allows unauthenticated attackers to disrupt the service. By sending a substantial number of specifically crafted packets over time, attackers can effectively incapacitate both the GlobalProtect portal and the GlobalProtect gateway. It is important to note that this vulnerability does not impact Cloud NGFWs or Prisma Access software.

Affected Version(s)

PAN-OS 11.0.0 < 11.0.2

PAN-OS 10.2.0 < 10.2.5

PAN-OS 10.1.0 < 10.1.14-h11

References

CVSS V4

Score:
8.2
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

an external reporter
.