CVE-2025-4230 — OS Command Injection in Palo Alto Networks Pan-os

CWE-78 — OS Command Injection4 documents4 sources

Severity

8.4HIGHNVD

EPSS

0.3%

top 47.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloalto Cloud Ngfw Paloalto Pan-os +1 more

Timeline

PublishedJun 13

Description

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages4 packages

▶Palo Altopaloalto/prisma_access

▶Palo Altopaloalto/cloud_ngfw

▶CVEListV5palo_alto_networks/pan-os11.2.0 — 11.2.6+3

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

GHSA

GHSA-hg7r-cqcx-pf83: A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run↗2025-06-13

▶

CVEList

PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI↗2025-06-12

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI↗

▶