Critical Vulnerability in Palo Alto Networks PAN-OS

Palo Alto Networks has released security updates addressing a critical vulnerability (CVE-2025-0108) affecting their PAN-OS software. The vulnerability is reportedly being chained with CVE-2024-9474 and/or CVE-2025-0111 in exploitation attempts.

Successful exploitation of the authentication bypass vulnerability in the management web interface could allow an unauthenticated attacker with network access to bypass authentication and invoke certain PHP: Hypertext Preprocessor (PHP) scripts. While this does not enable remote code execution, it can negatively impact the integrity and confidentiality of PAN-OS.

The vulnerability affects the following PAN-OS versions:

PAN-OS 11.2:

• Versions prior to 11.2.4-h4

• Versions prior to 11.2.5

PAN-OS 11.1:

• Versions prior to 11.1.2-h18

• Versions prior to 11.1.4-h13

• Versions prior to 11.1.6-h1

PAN-OS 10.2:

• Versions prior to 10.2.7-h24

• Versions prior to 10.2.8-h21

• Versions prior to 10.2.9-h21

• Versions prior to 10.2.10-h14

• Versions prior to 10.2.11-h12

• Versions prior to 10.2.12-h6

• Versions prior to 10.2.13-h3

PAN-OS 10.1:

• Versions prior to 10.1.14-h9

PAN-OS 11.0 is also affected by the vulnerability but has reached end of life (EoL). 

Users and administrators of affected products are advised to update to the latest versions or upgrade to a supported fixed version immediately.

More information is available here:

https://nvd.nist.gov/vuln/detail/CVE-2025-0108

https://security.paloaltonetworks.com/CVE-2025-0108