CVE-2025-0108

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions prior to the fix for CVE-2025-0108

Description An authentication bypass vulnerability exists in the Palo Alto Networks PAN-OS software. This allows an unauthenticated attacker with network access to the management web interface to bypass authentication and invoke certain PHP scripts. While invoking these scripts does not enable remote code execution, it can negatively impact the integrity and confidentiality of PAN-OS. This vulnerability is actively exploited in the wild, with over 25 unique IPs attempting exploitation. The vulnerability is due to a path confusion issue between Nginx and Apache. The vulnerability affects over 2.3 million services.

Recommendations Update your PAN-OS instance to the latest version to address this vulnerability. Restrict access to the PAN-OS management interface to only trusted internal IP addresses. If the OpenConfig Plugin is not needed, disable or uninstall it.