Palo Alto Networks · Pan-Os · CVE-2025-0111
**Name of the Vulnerable Software and Affected Versions**
Palo Alto Networks PAN-OS (affected versions not specified)
**Description**
An authenticated attacker with network access to the management web interface can read files on the PAN-OS filesystem that are readable by the ‘nobody’ user. This is due to an authenticated file read issue in the management web interface. The issue is actively exploited in attacks. The number of potentially affected devices worldwide is not specified. The attacker requires network access to the management web interface to exploit this issue.
**Recommendations**
Restrict access to the management web interface to only trusted internal IP addresses according to recommended best practices.