Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerabilities & Exploits » Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

https://firewall.firm.in/wp-content/uploads/2025/02/PaloAlto-Networks.png

Feb 13, 2025Ravie LakshmananNetwork Security / Vulnerability

Exploit in PAN-OS Software

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass.

The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access to the management interface is restricted to a jump box.

“An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts,” Palo Alto Networks said in an advisory.

“While invoking these PHP scripts does not enable remote code execution, it can negatively impact the integrity and confidentiality of PAN-OS.”

The vulnerability affects the following versions –

  • PAN-OS 11.2 < 11.2.4-h4 (Fixed in >= 11.2.4-h4)
  • PAN-OS 11.1 < 11.1.6-h1 (Fixed in >= 11.1.6-h1)
  • PAN-OS 11.0 (Upgrade to a supported fixed version as it has reached end-of-life status on November 17, 2024)
  • PAN-OS 10.2 < 10.2.13-h3 (Fixed in >= 10.2.13-h3
  • PAN-OS 10.1 < 10.1.14-h9 (Fixed in >= 10.1.14-h9)

Searchlight Cyber/Assetnote security researcher Adam Kues, who is credited with discovering and reporting the flaw, said the security defect has to do with a discrepancy in how the interface’s Nginx and Apache components handle incoming requests, resulting in a directory traversal attack.

Cybersecurity

Palo Alto Networks has also shipped updates to resolve two other flaws –

  • CVE-2025-0109 (CVSS score: 5.5) – An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface that enables an attacker with network access to the management web interface to delete certain files as the “nobody” user, including limited logs and configuration files (Fixed in PAN-OS versions 11.2.4-h4, 11.1.6-h1, 10.2.13-h3, and 10.1.14-h9)
  • CVE-2025-0110 (CVSS score: 7.3) – A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin that enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands (Fixed in PAN-OS OpenConfig Plugin version 2.1.2)

To mitigate the risk posed by the vulnerability, it’s highly advised to disable access to the management interface from the internet or any untrusted network. Customers who do not use OpenConfig can either choose to disable or uninstall the plugin from their instances.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.


Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

Juniper Firewall
Cisco Firewall
Checkpoint Firewall
paloalto Firewall
Fortinet Firewall
Forcepoint Firewall

 

Sophos Firewall
WatchGuard Firewall
Barracuda Firewall
Sonicwall Firewall
GajShield Firewall
Seqrite Firewall

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket

Firewall Firm is a Managed Firewall Security Solution Provider Company in India | Digital Marketing by SEO Company India | Powered by IT Monteur