cbcvebase.
CVE-2025-4231
published 2025-06-13

CVE-2025-4231: A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker…

PriorityP350high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
1.02%
59.2th percentile
A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Affected

8 ranges
VendorProductVersion rangeFixed in
palo_alto_networkspan-os
palo_alto_networkspan-os>= 10.2.0 < 10.2.810.2.8
palo_alto_networkspan-os>= 11.0.0 < 11.0.311.0.3
paloaltocloud_ngfw
paloaltopan-os
paloaltoprisma_access
paloaltonetworkspan-os>= 10.2.0 < 10.2.810.2.8
paloaltonetworkspan-os>= 11.0.0 < 11.0.311.0.3

CVSS provenance

nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv4.08.6HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.