Palo Alto Networks PAN-OS Web Proxy Vulnerability
CVE-2025-0130

8.2HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 14 May 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-0130?

A vulnerability in Palo Alto Networks PAN-OS software with the web proxy feature allows unauthenticated attackers to overwhelm the firewall by sending a stream of specially crafted packets. This causes the firewall to become unresponsive and may lead to a reboot. Multiple attempts to exploit this vulnerability can push the device into maintenance mode. This issue does not impact Cloud NGFW or Prisma Access services, emphasizing the need for prompt updates and protective measures to safeguard network integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PAN-OS 11.2.0 < 11.2.5

PAN-OS 11.1.0 < 11.1.6-h1

Cloud NGFW All

References

https://security.paloaltonetworks.com/CVE-2025-0130

vendor-advisory

CVSS V4

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
May 14, 2025
Vulnerability published
May 14, 2025
Vulnerability Reserved
Dec 20, 2024

Credit

Jari Pietila of Palo Alto Networks

JSON