Denial of Service Issue in Palo Alto Networks PAN-OS Firewall
CVE-2025-0116

5.1MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 12 March 2025

Badges

👾 Exploit Exists

Summary

A Denial of Service vulnerability in Palo Alto Networks PAN-OS software can lead to unexpected firewall reboots when processing specially crafted LLDP frames from unauthenticated attackers. This vulnerability can force the firewall into maintenance mode with repeated exploitation attempts. It is important to note that this issue does not affect Cloud NGFWs or Prisma Access software.

Affected Version(s)

PAN-OS 11.2.0 < 11.2.5

PAN-OS 11.1.0 < 11.1.8

PAN-OS 10.2.0 < 10.2.14

References

https://security.paloaltonetworks.com/CVE-2025-0116

vendor-advisory

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

👾
Exploit known to exist
Mar 12, 2025
Vulnerability published
Mar 12, 2025
Vulnerability Reserved
Dec 20, 2024

Credit

an external reporter