Command Injection Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2025-0127
7.1HIGH
What is CVE-2025-0127?
A command injection vulnerability exists in Palo Alto Networks PAN-OS software, which allows an authenticated administrator to bypass system restrictions and execute arbitrary commands with root privileges. This vulnerability specifically impacts the PAN-OS VM-Series and does not affect deployed firewalls. The Cloud NGFW and Prisma® Access services remain unaffected, ensuring that not all aspects of the Palo Alto ecosystem are compromised.
Affected Version(s)
PAN-OS VM-Series 11.0.0 < 11.0.4
PAN-OS VM-Series 10.2.0 < 10.2.9
PAN-OS VM-Series 10.1.0 < 10.1.14-h13