MACsec Protocol Vulnerability in Palo Alto Networks PAN-OS® Affects PA-7500 Series Devices
CVE-2025-2182

5.6MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 13 August 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-2182?

An implementation issue within the MACsec protocol in Palo Alto Networks PAN-OS® leads to the inadvertent exposure of the connectivity association key (CAK). This vulnerability is specifically relevant to PA-7500 Series devices operating within an NGFW cluster. An attacker with access to this key could potentially intercept and decrypt messages exchanged between devices in the affected cluster. Importantly, devices that are not part of clustered configurations or are not utilizing MACsec are not affected by this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PAN-OS PA-7500 11.2.0 < 11.2.8

PAN-OS PA-7500 11.1.0 < 11.1.10

Cloud NGFW All

References

https://security.paloaltonetworks.com/CVE-2025-2182

vendor-advisory

CVSS V4

Score:

5.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Aug 13, 2025
Vulnerability published
Aug 13, 2025
Vulnerability Reserved
Mar 10, 2025

Credit

This issue was found during an internal security review.

JSON

Palo Alto Networks

Badges

What is CVE-2025-2182?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.