MACsec Protocol Vulnerability in Palo Alto Networks PAN-OS® Affects PA-7500 Series Devices
CVE-2025-2182

5.6MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Pan-os; Prisma Access
Vendor: CVE Published:; 13 August 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-2182?

An implementation issue within the MACsec protocol in Palo Alto Networks PAN-OS® leads to the inadvertent exposure of the connectivity association key (CAK). This vulnerability is specifically relevant to PA-7500 Series devices operating within an NGFW cluster. An attacker with access to this key could potentially intercept and decrypt messages exchanged between devices in the affected cluster. Importantly, devices that are not part of clustered configurations or are not utilizing MACsec are not affected by this vulnerability.

Affected Version(s)

PAN-OS PA-7500 11.2.0 < 11.2.8

PAN-OS PA-7500 11.1.0 < 11.1.10

Cloud NGFW All

References

https://security.paloaltonetworks.com/CVE-2025-2182

vendor-advisory

CVSS V4

Score:

5.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 13, 2025
Vulnerability published
Aug 13, 2025
Vulnerability Reserved
Mar 10, 2025

Credit

This issue was found during an internal security review.