CVE-2025-0108
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
6Exploited in Wild
YesDecision
Descriptions
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.
CVSS Scores
SSVC
- Decision:Act
Timeline
- 2024-12-20 CVE Reserved
- 2025-02-12 CVE Published
- 2025-02-18 Exploited in Wild
- 2025-02-18 First Exploit
- 2025-03-11 KEV Due Date
- 2025-04-03 CVE Updated
- 2025-06-04 EPSS Updated
CWE
- CWE-306: Missing Authentication for Critical Function
CAPEC
- CAPEC-115: Authentication Bypass
References (7)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://github.com/iSee857/CVE-2025-0108-PoC | 2025-02-19 | |
https://github.com/FOLKS-iwd/CVE-2025-0108-PoC | 2025-02-19 | |
https://github.com/fr4nc1stein/CVE-2025-0108-SCAN | 2025-02-18 | |
https://github.com/barcrange/CVE-2025-0108-Authentication-Bypass-checker | 2025-02-19 | |
https://github.com/sohaibeb/CVE-2025-0108 | 2025-02-19 | |
https://github.com/becrevex/CVE-2025-0108 | 2025-02-19 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://security.paloaltonetworks.com/CVE-2025-0108 | 2025-02-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Palo Alto Networks Search vendor "Palo Alto Networks" | Cloud Ngfw Search vendor "Palo Alto Networks" for product "Cloud Ngfw" | * | - |
Affected
| ||||||
Palo Alto Networks Search vendor "Palo Alto Networks" | Pan-os Search vendor "Palo Alto Networks" for product "Pan-os" | * | - |
Affected
| ||||||
Palo Alto Networks Search vendor "Palo Alto Networks" | Prisma Access Search vendor "Palo Alto Networks" for product "Prisma Access" | * | - |
Affected
| ||||||
Paloaltonetworks Search vendor "Paloaltonetworks" | Pan-os Search vendor "Paloaltonetworks" for product "Pan-os" | * | - |
Affected
|