CVE-2025-0116 — Improper Check for Unusual or Exceptional Conditions in Palo Alto Networks Pan-os

CWE-754 — Improper Check for Unusual or Exceptional Conditions4 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

0.2%

top 63.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloalto Cloud Ngfw Paloalto Pan-os +1 more

Timeline

PublishedMar 12

Description

A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance mode. This issue does not apply to Cloud NGFWs or Prisma Access software.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages4 packages

▶Palo Altopaloalto/prisma_access

▶CVEListV5palo_alto_networks/pan-os11.2.0 — 11.2.5+3

▶Palo Altopaloalto/cloud_ngfw

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

CVEList

PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame↗2025-03-12

▶

GHSA

GHSA-c93v-4qmp-8w98: A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially c↗2025-03-12

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame↗

▶