CVE-2025-0115
Published 2025-03-12
CVE-2025-0115: A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files. The attacker must have…
Priority P3 · 35 · medium · 6.8 · CVSS 4.0
CVSS 4.0 vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
EPSS
0.18%
7.3th percentile
A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files.
The attacker must have network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management interface to only trusted users and internal IP addresses according to our recommended critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).
This issue does not affect Cloud NGFW or Prisma Access.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 10.1.0 < 10.1.14-h11 | 10.1.14-h11 |
| palo_alto_networks | pan-os | >= 10.2.0 < 10.2.11 | 10.2.11 |
| palo_alto_networks | pan-os | >= 11.0.0 < 11.0.6 | 11.0.6 |
| palo_alto_networks | pan-os | >= 11.1.0 < 11.1.5 | 11.1.5 |
| palo_alto_networks | pan-os | >= 11.2.0 < 11.2.3 | 11.2.3 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
GHSA
GHSA-mqw3-crqw-fq73: A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files
ghsa_unreviewed·2025-03-12
CVE-2025-0115 [MEDIUM] CWE-41 GHSA-mqw3-crqw-fq73: A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files
Palo Alto
PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI
vendor_paloalto·CVSS 6.8
CVE-2025-0115 [MEDIUM] CWE-41 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI
Affected products: Cloud NGFW, PAN-OS, Prisma Access
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-03-12