Paloaltonetworks PAN-OS vulnerabilities
211 known vulnerabilities affecting paloaltonetworks/pan-os.
Total CVEs: 211
CISA KEV: 14 (actively exploited)
Public exploits: 17
Exploited in wild: 15
Severity breakdown: CRITICAL 36, HIGH 77, MEDIUM 89, LOW 9
Vulnerabilities
Page 4 of 11
CVE-2012-6602 | P3 | CRITICAL | CVSS 9.0 | CWE-78 | Affected: ≤ 3.1.9; v4.0.0; +3 more | Published: 2013-08-31
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122.
Source: nvd
CVE-2025-4615 | P3 | HIGH | CVSS 7.2 | CWE-83 | Affected: ≥ 10.2.0, < 10.2.17; ≥ 11.1.0, < 11.1.11; +1 more | Published: 2025-10-09
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
Source: nvd
CVE-2024-3383 | P3 | CRITICAL | CVSS 9.1 | CWE-282 | Affected: ≥ 10.1.0, < 10.1.11; ≥ 10.2.0, < 10.2.5; +1 more | Published: 2024-04-10
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.
Source: nvd
CVE-2020-2037 | P3 | HIGH | CVSS 7.2 | CWE-78 | Affected: ≥ 8.1.0, < 8.1.16; ≥ 9.0.0, < 9.0.10; +1 more | Published: 2020-09-09
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.
Source: nvd
CVE-2017-7945 | P3 | CRITICAL | CVSS 9.8 | CWE-209 | Affected: ≤ 6.1.15; v7.0.0; +25 more | Published: 2017-04-29
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requ
Source: nvd
CVE-2012-6604 | P3 | CRITICAL | CVSS 9.0 | CWE-78 | Affected: ≤ 3.1.10; v3.1.9; +9 more | Published: 2013-08-31
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249.
Source: nvd
CVE-2012-6605 | P3 | CRITICAL | CVSS 9.0 | CWE-78 | Affected: ≤ 3.1.10; v3.1.9; +9 more | Published: 2013-08-31
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896.
Source: nvd
CVE-2025-4231 | P3 | HIGH | CVSS 7.2 | CWE-77 | Affected: ≥ 10.2.0, < 10.2.8; ≥ 11.0.0, < 11.0.3 | Published: 2025-06-13
A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.
The attacker must have network access to the management web interface and successfully authenticate to exploit this issue.
Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Source: nvd
CVE-2020-2000 | P3 | HIGH | CVSS 7.2 | CWE-20 | Affected: ≥ 8.1.0, < 8.1.16; ≥ 9.0.0, < 9.0.10; +2 more | Published: 2020-11-12
An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0
Source: nvd
CVE-2019-1572 | P3 | HIGH | CVSS 7.5 | Affected: v9.0.0 | Published: 2019-03-26
PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files.
Source: nvd
CVE-2020-2030 | P3 | HIGH | CVSS 7.2 | CWE-78 | Affected: ≥ 7.1.0, ≤ 7.1.26; ≥ 8.0.0, ≤ 8.0.20; +1 more | Published: 2020-07-08
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access servi
Source: nvd
CVE-2020-2010 | P3 | HIGH | CVSS 7.2 | CWE-78 | Affected: ≥ 7.1.0, ≤ 7.1.26; ≥ 8.0.0, ≤ 8.0.20; +2 more | Published: 2020-05-13
An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7.
Source: nvd
CVE-2020-2029 | P3 | HIGH | CVSS 7.2 | CWE-78 | Affected: ≥ 7.1.0, < 7.1.26; ≥ 8.0.0, ≤ 8.0.20; +1 more | Published: 2020-06-10
An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions of PAN-OS 8.0; PAN-OS 7.1 versions earlier than PAN-OS 7.1.
Source: nvd
CVE-2024-8686 | P3 | HIGH | CVSS 7.2 | CWE-78 | Affected: ≥ 11.2.0, ≤ 11.2.2 | Published: 2024-09-11
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.
Source: nvd
CVE-2019-1575 | P3 | HIGH | CVSS 8.8 | CWE-200 | Affected: fixed in 7.1.24; ≥ 8.0.0, < 8.0.19; +3 more | Published: 2019-07-16
Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them.
Source: nvd
CVE-2024-0008 | P3 | HIGH | CVSS 8.8 | CWE-613 | Affected: ≥ 10.2.0, < 10.2.5; ≥ 11.0.0, < 11.0.2; +7 more | Published: 2024-02-14
Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access.
Source: nvd
CVE-2016-3654 | P3 | HIGH | CVSS 7.2 | CWE-20 | Affected: ≥ 5.0.0, < 5.0.18; ≥ 5.1, < 5.1.11; +3 more | Published: 2016-04-12
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter.
Source: nvd
CVE-2020-2028 | P3 | HIGH | CVSS 7.2 | CWE-78 | Affected: ≥ 7.1.0, ≤ 7.1.26; ≥ 8.0.0, ≤ 8.0.20; +2 more | Published: 2020-06-10
An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS
Source: nvd
CVE-2020-2002 | P3 | HIGH | CVSS 8.1 | CWE-290 | Affected: ≥ 7.1.0, < 7.1.26; ≥ 8.0.0, ≤ 8.0.20; +2 more | Published: 2020-05-13
An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle t
Source: nvd
CVE-2017-9458 | P3 | CRITICAL | CVSS 9.8 | CWE-611 | Affected: ≤ 6.1.17; v7.0.0; +27 more | Published: 2017-09-07
XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a denial of service, or conduct server-side request forgery (SSRF) attacks via
Source: nvd