Authenticated File Deletion Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2025-0124

2.1LOW

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 11 April 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-0124?

An authenticated file deletion vulnerability in Palo Alto Networks PAN-OS software allows an authenticated attacker with network access to the management web interface to delete specific files, including limited logs and configuration files. While system files are not affected, this vulnerability poses significant risks if not mitigated. To protect against exploitation, it is crucial to restrict access to the management interface to trusted internal IP addresses, adhering to recommended deployment guidelines. This vulnerability specifically impacts Cloud NGFW but does not affect Prisma Access software.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cloud NGFW All

PAN-OS 11.2.0 < 11.2.1

PAN-OS 11.1.0 < 11.1.5

References

https://security.paloaltonetworks.com/CVE-2025-0124

vendor-advisory

CVSS V4

Score:

2.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Apr 11, 2025
Vulnerability published
Apr 11, 2025
Vulnerability Reserved
Dec 20, 2024

Credit

VISA, Inc.

JSON

Palo Alto Networks