Palo Alto Networks has issued advisories for two critical vulnerabilities in its PAN-OS. The vulnerabilities, CVE-2025-0108 and CVE-2025-0110, may enable attackers to bypass authentication and run arbitrary commands.
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked...
A vulnerability in the PAN-OS management web interface (CVSSv3.1 score 7.8) allows unauthenticated attackers with network access to bypass authentication and run specific PHP scripts. This could compromise the integrity and confidentiality of PAN-OS, although it does not enable remote code execution.
“An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts,” the advisory explains.
The vulnerability (CVSSv3.1 score 7.3) is in the PAN-OS OpenConfig plugin. An authenticated administrator who can send gNMI requests to the PAN-OS management web interface could exploit this flaw to inject and execute arbitrary commands. These commands would have the privileges of the “_openconfig” user, who holds the Device Administrator role.
“A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands,” the advisory states.
Affected Versions and Mitigation:
CVE-2025-0108 impacts PAN-OS versions prior to 11.2.4-h4, 11.1.6-h1, 10.2.13-h3, and 10.1.14-h9. CVE-2025-0110 affects OpenConfig plugin versions before 2.1.2.
Palo Alto Networks has released updates to fix two vulnerabilities. Users are encouraged to update their PAN-OS software immediately and limit management interface access to trusted internal IP addresses only.