cbcvebase.
CVE-2025-4229
published 2025-06-13

CVE-2025-4229: An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent…

PriorityP430medium6CVSS 4.0
AVNACLATPPRNUIPVCHVINVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUNRUVDREXUAmber
EPSS
0.41%
32.8th percentile
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

Affected

7 ranges
VendorProductVersion rangeFixed in
palo_alto_networkspan-os>= 10.1.0 < 10.1.14-h1610.1.14-h16
palo_alto_networkspan-os>= 10.2.0 < 10.2.1710.2.17
palo_alto_networkspan-os>= 11.1.0 < 11.1.1011.1.10
palo_alto_networkspan-os>= 11.2.0 < 11.2.711.2.7
paloaltocloud_ngfw
paloaltopan-os
paloaltoprisma_access
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.