CVE-2025-0127 — OS Command Injection in Palo Alto Networks Pan-os

CWE-78 — OS Command Injection4 documents4 sources

Severity

7.1HIGHNVD

EPSS

0.1%

top 66.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloalto Cloud Ngfw Paloalto Pan-os +1 more

Timeline

PublishedApr 11

Description

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages4 packages

▶Palo Altopaloalto/cloud_ngfw

▶CVEListV5palo_alto_networks/pan-os11.0.0 — 11.0.4+2

▶Palo Altopaloalto/prisma_access

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

GHSA

GHSA-8r53-w527-fcqp: A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run↗2025-04-11

▶

CVEList

PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series↗2025-04-11

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series↗

▶