⚠ Actively exploited
Added to CISA KEV on 2025-02-18. Federal agencies required to patch by 2025-03-11. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..
CVE-2025-0108 — Missing Authentication for Critical Function in Palo Alto Networks Pan-os
Severity
8.8HIGHNVD
EPSS
94.1%
top 0.09%
CISA KEV
KEV
Added 2025-02-18
Due 2025-03-11
Exploit
PoC available
Public exploit / PoC exists
Timeline
PublishedFeb 12
KEV addedFeb 18
Latest updateMar 1
KEV dueMar 11
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.
You can greatly reduce the risk of this issue by restricting access to the management w…
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Affected Packages5 packages
🔴Vulnerability Details
3GHSA▶
GHSA-hvqq-hwj3-c54m: An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web inter↗2025-02-12
💥Exploits & PoCs
1Nuclei▶
PAN-OS Management Interface - Path Confusion to Authentication Bypass
🔍Detection Rules
1Suricata▶
ET WEB_SPECIFIC_APPS Palo Alto PAN-OS Management Web Interface Authentication Bypass (CVE-2025-0108)↗2025-02-13
📋Vendor Advisories
2🕵️Threat Intelligence
4Greynoiseio▶
GreyNoise Observes Active Exploitation of PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)↗2025-02-13