Multiple Vulnerabilities in Palo Alto PAN-OS

Severity Level: High

Date: 14/02/2025

Ref: CERT-NCSOC-0230

Components Affected

• PAN-OS 10.1 versions earlier than PAN-OS 10.1.14-h9
• PAN-OS 10.2 versions earlier than PAN-OS 10.2.13-h3
• PAN-OS 11.1 versions earlier than PAN-OS 11.1.6-h1
• PAN-OS 11.2 versions earlier than PAN-OS 11.2.4-h4
• PAN-OS OpenConfig Plugin versions earlier than 2.1.2

Overview

Multiple vulnerabilities were identified in Palo Alto PAN-OS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, data manipulation, and security restriction bypass on the targeted system.

Description

Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for authentication bypass. Details of the most severe vulnerabilities are as follows:

• CVE-2025-0108 - Authentication Bypass in the Management Web Interface
• CVE-2025-0109 - Unauthenticated File Deletion Vulnerability on the Management Web Interface
• CVE-2025-0110 - Command Injection Vulnerability in OpenConfig Plugin

Impact

• Remote Code Execution
• Data Manipulation
• Security Restriction Bypass

Solution/Workarounds

• Before installation of the software, please visit the vendor website for more details. Apply fixes issued by the vendor:
• CVE-2025-0108
• CVE-2025-0109
• CVE-2025-0110

Reference

• Palo Alto Security Advisories
• HKCERT Security Bulletin

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.