Description Preview
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact the integrity and confidentiality of PAN-OS. The risk is greatest if access to the management interface is enabled from the internet or any untrusted network. To mitigate this risk, it is recommended to restrict access to the management web interface to only trusted internal IP addresses.
Overview
- CVE ID: CVE-2025-0108
- Vendor: Palo Alto Networks
- Affected Products: PAN-OS versions 10.1.0 through 10.1.14, 10.2.0 through 10.2.13, 11.1.0 through 11.1.6, and 11.2.0 through 11.2.4.
- Severity: High (CVSS Base Score: 8.8)
- Impact: The vulnerability allows unauthenticated access to management functions, which can lead to integrity and confidentiality issues.
Remediation
To remediate this vulnerability, Palo Alto Networks recommends the following actions:
- Upgrade PAN-OS:
- For PAN-OS 10.1: Upgrade to 10.1.14-h9 or later.
- For PAN-OS 10.2: Upgrade to 10.2.13-h3 or later.
- For PAN-OS 11.1: Upgrade to 11.1.6-h1 or later.
- For PAN-OS 11.2: Upgrade to 11.2.4-h4 or later.
- Restrict Access: Secure access to the management interface by allowing only trusted internal IP addresses.
- Threat Prevention: Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510000 and 510001.
References
- Palo Alto Networks Security Advisory for CVE-2025-0108
- Best Practices for Securing Management Access
- CISA Known Exploited Vulnerabilities Catalog
- Additional articles and discussions on the vulnerability can be found on various security news platforms such as The Register, Dark Reading, and BleepingComputer.
Early Warning
Customers using Armis Early Warning were notified about this vulnerability before it appeared in CISA's Known Exploited Vulnerabilities Catalog, enabling them to assess their exposure and act proactively. Armis offers these examples of CVEs already included in CISA KEV for potential customers. Click here to learn how to receive alerts earlier.
- Armis Alert Date
- Feb 12, 2025
- CISA KEV Date
- Feb 18, 2025
6days early
Industry ExposureMost to leastThis section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- ManufacturingManufacturing: Medium
- Health Care & Social AssistanceHealth Care & Social Assistance: Medium
- Public AdministrationPublic Administration: Medium
- Professional, Scientific, & Technical ServicesProfessional, Scientific, & Technical Services: Low
- Other Services (except Public Administration)Other Services (except Public Administration): Low
- Retail TradeRetail Trade: Low
- Educational ServicesEducational Services: Low
- Arts, Entertainment & RecreationArts, Entertainment & Recreation: Low
- Finance and InsuranceFinance and Insurance: Low
- Transportation & WarehousingTransportation & Warehousing: Low
- UtilitiesUtilities: Low
- InformationInformation: Low
- Management of Companies & EnterprisesManagement of Companies & Enterprises: Low
- Accommodation & Food ServicesAccommodation & Food Services: Low
- Agriculture, Forestry Fishing & HuntingAgriculture, Forestry Fishing & Hunting: Low
- Real Estate Rental & LeasingReal Estate Rental & Leasing: Low
- Administrative, Support, Waste Management & Remediation ServicesAdministrative, Support, Waste Management & Remediation Services: Low
- ConstructionConstruction: Low
- MiningMining: Low
- Wholesale TradeWholesale Trade: Low
