CVE-2025-4231 — Command Injection in Palo Alto Networks Pan-os

CWE-77 — Command Injection4 documents4 sources

Severity

8.6HIGHNVD

EPSS

0.6%

top 29.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloaltonetworks Pan-os Paloalto Cloud Ngfw +2 more

Timeline

PublishedJun 13

Description

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N

Affected Packages5 packages

▶Palo Altopaloalto/prisma_access

▶NVDpaloaltonetworks/pan-os10.2.0 — 10.2.8+1

▶CVEListV5palo_alto_networks/pan-os11.0.0 — 11.0.3+2

▶Palo Altopaloalto/cloud_ngfw

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

GHSA

GHSA-vm6c-rqg9-5qqr: A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user↗2025-06-13

▶

CVEList

PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface↗2025-06-12

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface↗

▶