CVE-2025-0111
PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
Basic Information
- CVE State: PUBLISHED
- Reserved Date: December 20, 2024
- Published Date: February 12, 2025
- Last Updated: February 21, 2025
- Vendor: Palo Alto Networks
- Product: Cloud NGFW, PAN-OS, Prisma Access
- Description: An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). This issue does not affect Cloud NGFW or Prisma Access software.
CVSS Scores
CVSS v4.0
7.1 - HIGH
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Red
SSVC Information
- Exploitation: active
- Technical Impact: partial
Exploit Status
- Exploited in the Wild: Yes (added 2025-02-20 00:00:00 UTC)
Known Exploited Vulnerability Information
Source | Added Date |
---|---|
CISA | 2025-02-20 00:00:00 UTC |