Palo Alto Networks PAN-OS vulnerabilities
158 known vulnerabilities affecting palo_alto_networks/pan-os.
Total CVEs: 158
CISA KEV: 8 (actively exploited)
Public exploits: 7
Exploited in wild: 6
Severity breakdown: CRITICAL 11, HIGH 65, MEDIUM 71, LOW 11
Vulnerabilities (page 2 of 8)
CVE-2025-0114 | HIGH | CVSS 8.2 | CWE-400 | Date: 2025-03-12
Affected: ≥ 11.0.0, < 11.0.2; ≥ 10.2.0, < 10.2.5; +1 more
A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.
This issue does not
Sources: cvelistv5, nvd
CVE-2025-0115 | MEDIUM | CVSS 6.8 | CWE-41 | Date: 2025-03-12
Affected: ≥ 11.2.0, < 11.2.3; ≥ 11.1.0, < 11.1.5; +3 more
A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files.
The attacker must have network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. You can greatly reduce the risk of this issue by restricting access to
Sources: cvelistv5, nvd
CVE-2025-0116 | MEDIUM | CVSS 6.8 | CWE-754 | Date: 2025-03-12
Affected: ≥ 11.2.0, < 11.2.5; ≥ 11.1.0, < 11.1.8; +2 more
A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition cause the firewall to enter maintenance mode.
This issue does not apply to Cloud NGFWs or Pr
Sources: cvelistv5, nvd
CVE-2025-0111 | HIGH | CVSS 7.1 | KEV | CWE-73 | Date: 2025-02-12
Affected: ≥ 10.1.0, < 10.1.14-h9; ≥ 10.2.0, < 10.2.7-h24; +2 more
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
You can greatly reduce the risk of this issue by restricting access to the management web interface to only
Sources: cvelistv5, nvd
CVE-2025-0108 | HIGH | CVSS 8.8 | KEV | PoC | CWE-306 | Date: 2025-02-12
Affected: ≥ 10.1.0, < 10.1.14-h9; ≥ 10.2.0, < 10.2.7-h24; +2 more
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can ne
Sources: cvelistv5, nvd
CVE-2025-0109 | MEDIUM | CVSS 6.9 | CWE-73 | Date: 2025-02-12
Affected: ≥ 10.1.0, < 10.1.14-h9; ≥ 10.2.0, < 10.2.7-h24; +2 more
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include system files.
You can greatly reduce the
Sources: cvelistv5, nvd
CVE-2024-3393 | HIGH | CVSS 8.7 | KEV | CWE-754 | Date: 2024-12-27
Affected: ≥ 11.2.0, < 11.2.3; ≥ 11.1.0, < 11.1.2-h16; +2 more
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Sources: cvelistv5, nvd
CVE-2024-0012 | CRITICAL | CVSS 9.3 | KEV | PoC | CWE-306 | Date: 2024-11-18
Affected: ≥ 11.2.0, < 11.2.4-h1; ≥ 11.1.0, < 11.1.5-h1; +2 more
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https:/
Sources: cvelistv5, nvd
CVE-2024-9474 | MEDIUM | CVSS 6.9 | KEV | PoC | CWE-78 | Date: 2024-11-18
Affected: ≥ 11.2.0, < 11.2.4-h1; ≥ 11.1.0, < 11.1.5-h1; +3 more
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges.
Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Sources: cvelistv5, nvd
CVE-2024-9472 | HIGH | CVSS 8.7 | CWE-476 | Date: 2024-11-14
Affected: ≥ 11.2.2, < 11.2.2-h3; ≥ 11.1.2-h9, < 11.1.2-h14; +1 more
A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. Repeated attemp
Sources: cvelistv5, nvd
CVE-2024-2550 | HIGH | CVSS 8.7 | CWE-476 | Date: 2024-11-14
Affected: ≥ 11.1.0, < 11.1.5; ≥ 11.0.0, < 11.0.6; +1 more
A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall enterin
Sources: cvelistv5, nvd
CVE-2024-2551 | HIGH | CVSS 8.7 | CWE-476 | Date: 2024-11-14
Affected: ≥ 11.0.0, < 11.0.5; ≥ 10.2.0, < 10.2.4-h6; +1 more
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Sources: cvelistv5, nvd
CVE-2024-5919 | MEDIUM | CVSS 5.1 | CWE-611 | Date: 2024-11-14
Affected: ≥ 11.0.0, < 11.0.2; ≥ 10.2.0, < 10.2.5; +1 more
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.
Sources: cvelistv5, nvd
CVE-2024-2552 | MEDIUM | CVSS 6.8 | CWE-22 | Date: 2024-11-14
Affected: ≥ 11.2.0, < 11.2.4; ≥ 11.1.0, < 11.1.5; +2 more
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall.
Sources: cvelistv5, nvd
CVE-2024-5918 | MEDIUM | CVSS 5.3 | CWE-295 | Date: 2024-11-14
Affected: ≥ 11.0.0, < 11.0.3; ≥ 10.2.0, < 10.2.4-h5; +1 more
An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you "Allow Authentication with User Credentials OR Client C
Sources: cvelistv5, nvd
CVE-2024-5920 | MEDIUM | CVSS 4.6 | CWE-79 | Date: 2024-11-14
Affected: ≥ 11.1.0, < 11.1.4; ≥ 11.0.0, < 11.0.6; +2 more
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in
Sources: cvelistv5, nvd
CVE-2024-5917 | LOW | CVSS 2.1 | CWE-918 | Date: 2024-11-14
Affected: ≥ 10.2.0, < 10.2.2; ≥ 10.1.0, < 10.1.7
A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
Sources: cvelistv5, nvd
CVE-2024-9468 | HIGH | CVSS 8.2 | CWE-787 | Date: 2024-10-09
Affected: ≥ 11.1.0, < 11.1.3; ≥ 11.0.0, < 11.0.4-h5; +1 more
A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.
Sources: cvelistv5, nvd
CVE-2024-9471 | MEDIUM | CVSS 5.1 | CWE-269 | Date: 2024-10-09
Affected: ≥ 11.0.0, < 11.0.3; ≥ 10.1.0, < 10.1.11; +3 more
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access cou
Sources: cvelistv5, nvd
CVE-2024-8686 | HIGH | CVSS 8.6 | CWE-78 | Date: 2024-09-11
Affected: v11.2.2
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.
Sources: cvelistv5, nvd