Denial of Service Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Feature
CVE-2025-0114
8.2HIGH
Summary
A Denial of Service vulnerability within the GlobalProtect feature of Palo Alto Networks PAN-OS allows unauthenticated attackers to disrupt the service. By sending a substantial number of specifically crafted packets over time, attackers can effectively incapacitate both the GlobalProtect portal and the GlobalProtect gateway. It is important to note that this vulnerability does not impact Cloud NGFWs or Prisma Access software.
Affected Version(s)
PAN-OS 11.0.0 < 11.0.2
PAN-OS 10.2.0 < 10.2.5
PAN-OS 10.1.0 < 10.1.14-h11
References
CVSS V4
Score:
8.2
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
an external reporter