Sensitive Information Disclosure in Palo Alto Networks Prisma Browser
CVE-2025-4618
4.4MEDIUM
Key Information:
- Vendor
Palo Alto Networks
- Status
- Vendor
- CVE Published:
- 14 November 2025
Badges
👾 Exploit Exists
What is CVE-2025-4618?
A vulnerability in Palo Alto Networks' Prisma® Browser allows authenticated non-admin users to access sensitive information. This issue highlights the importance of enabling browser self-protection features to prevent data leaks and unauthorized access to confidential information. Organizations using Prisma Browser should take immediate action to safeguard their data against potential exploitation.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Prisma Browser 142.15.6.0 <= 142.15.6.60
References
CVSS V4
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
Palo Alto Networks thanks Tan Inn Fung, Yu Ann Ong, Zhang Bosen from the GovTech Cybersecurity Group for discovering and reporting this issue.