CVE-2025-0111
PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
Basic Information
- CVE State: PUBLISHED
- Reserved Date: December 20, 2024
- Published Date: February 12, 2025
- Last Updated: February 21, 2025
- Vendor: Palo Alto Networks
- Product: Cloud NGFW, PAN-OS, Prisma Access
- Description: An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.
- Tags
- Exploitation: active
- Technical Impact: partial
- Exploited in the Wild: Yes (2025-02-20 00:00:00 UTC) Source
cisa
edge
nessus_scanner
CVSS Scores
CVSS v4.0
7.1 - HIGH
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Red
SSVC Information
Exploit Status
Known Exploited Vulnerability Information
Source | Added Date |
---|---|
CISA | 2025-02-20 00:00:00 UTC |
Scanner Integrations
Scanner | URL | Date Detected |
---|---|---|
Nessus | https://www.tenable.com/plugins/nessus/216174 | 2025-02-12 22:45:00 UTC |
Timeline
- CVE ID Reserved
- CVE Published to Public
- Detected by Nessus
- Added to KEVIntel