InfoSecBulletin Cybersecurity for mankind
A new vulnerability, CVE-2025-4235, in Palo Alto Networks’ User-ID Credential Agent for Windows, could reveal a service account’s password in cleartext with specific configurations.
The vulnerability has been rated as having medium severity. The primary danger lies in the potential for privilege escalation. The impact of the vulnerability varies depending on the level of permissions assigned to the service account in question.
L7 DDoS Botnet Hijacked 5.76M Devices for Large Attacks
Palo Alto Networks User-ID Credential Agent Vuln Exposes password In Cleartext
CyberVolk Ransomware Attacks CII In Japan, France, and UK
Microsoft warns of active directory and office vulnarability
(CVE-2025-10159)
Sophos Addressed Critical Auth Bypass flaw in Wireless Access Points
1.6M fitness phone call recordings exposed online
Microsoft September Patch Tuesday 2025 fixes 81 flaws, two zero-days
Elastic Security Incident : Hackers Accessed Email Account Contains Valid Credentials
Hacker Exploit Amazon SES to Send 50K Phishing Emails
SafePay Ransomware
SafePay Ransomware Attacks 73 Orgs in a Single Month
If the account has minimally privileged access, an attacker could disrupt the operations of the User-ID Credential Agent. Palo Alto Networks recommends that customers upgrade their User-ID Credential Agent to version 11.0.3 or later to fix the security issue.
The company says there’s no workaround for this issue, so the only solution is to update the software. The vulnerability‘s severity varies by configuration. It is rated Medium, with a CVSS score of 7.2, for systems with elevated service accounts.
For configurations with a minimally privileged service account, the rating is Low, with a CVSS score of 5.8. Palo Alto Networks has stated that it is not aware of any malicious exploitation of this vulnerability in the wild.
This vulnerability shows the risks of misconfigurations and the need to follow security best practices, particularly for privileged accounts.
