Command Injection Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2025-0127

7.1HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 11 April 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-0127?

A command injection vulnerability exists in Palo Alto Networks PAN-OS software, which allows an authenticated administrator to bypass system restrictions and execute arbitrary commands with root privileges. This vulnerability specifically impacts the PAN-OS VM-Series and does not affect deployed firewalls. The Cloud NGFW and Prisma® Access services remain unaffected, ensuring that not all aspects of the Palo Alto ecosystem are compromised.

Affected Version(s)

PAN-OS VM-Series 11.0.0 < 11.0.4

PAN-OS VM-Series 10.2.0 < 10.2.9

PAN-OS VM-Series 10.1.0 < 10.1.14-h13

References

https://security.paloaltonetworks.com/CVE-2025-0127

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 11, 2025
Vulnerability published
Apr 11, 2025
Vulnerability Reserved
Dec 20, 2024

Credit

Pavel Raunou