| CVSS | Summary | Versions | Affected | Unaffected | Published | Updated |
| --- | --- | --- | --- | --- | --- | --- |
| i | PAN-SA-2025-0017 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION | | | | 2025-11-02 | 2025-11-03 |
| 6.1 | PAN-SA-2025-0016 Chromium: Monthly Vulnerability Update (October 2025) | | | | 2025-10-08 | 2025-10-08 |
| 4.5 | CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface | Cloud NGFW PAN-OS 12.1 PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 Prisma Access | None None < 11.2.8 < 11.1.6-h21 < 10.2.17 None | All All >= 11.2.8 >= 11.1.6-h21 >= 10.2.17 All | 2025-10-08 | 2025-10-08 |
| 1.1 | CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability | Cloud NGFW PAN-OS 12.1 PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 Prisma Access | None None < 11.2.8 < 11.1.6-h21 < 10.2.17 None | All All >= 11.2.8 >= 11.1.6-h21 >= 10.2.17 All | 2025-10-08 | 2025-10-08 |
| 6.1 | PAN-SA-2025-0015 Chromium: Monthly Vulnerability Update (September 2025) | | | | 2025-09-10 | 2025-09-10 |
| 4.2 | CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Account password | User-ID Credential Agent 11.0.0 | >= 11.0.2-133 on Windows, < 11.0.3 on Windows | < 11.0.2-133 on Windows, >= 11.0.3 on Windows | 2025-09-10 | 2025-09-10 |
| 0.5 | CVE-2025-4234 Cortex XDR Microsoft 365 Defender Pack: Cleartext Exposure of Credentials | Cortex XDR Microsoft 365 Defender Pack 4.6.0 | | | 2025-09-10 | 2025-09-10 |
| 6.1 | PAN-SA-2025-0014 Chromium: Monthly Vulnerability Update (August 2025) | | | | 2025-08-13 | 2025-08-13 |
| 1.1 | CVE-2025-2180 Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution | Checkov by Prisma Cloud 3.2.0 | | | 2025-08-13 | 2025-08-13 |
| 2 | CVE-2025-2181 Checkov by Prisma Cloud: Cleartext Exposure of Credentials | Checkov by Prisma Cloud 3.2.0 | | | 2025-08-13 | 2025-08-13 |
| 3.3 | CVE-2025-2182 PAN-OS: Firewall Clusters using the MACsec Protocol Expose the Connectivity Association Key (CAK) | Cloud NGFW PAN-OS PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None None on devices other than PA-7500 < 11.2.8 on PA-7500 < 11.1.10 on PA-7500 None on PA-7500 None on PA-7500 None | All All on devices other than PA-7500 >= 11.2.8 on PA-7500 >= 11.1.10 on PA-7500 All on PA-7500 All on PA-7500 All | 2025-08-13 | 2025-08-13 |
| 4.5 | CVE-2025-2183 GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation | Global Protect UWP App GlobalProtect App GlobalProtect App 6.3 GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 | None None on Android, None on iOS, None on macOS < 6.3.3-h2 (6.3.3-c676) on Windows, < 6.3.3 on Linux < 6.2.8-h3 (6.2.8-c263) on Windows, All on Linux All on Windows, All on Linux < 6.0.12 on Windows, All on Linux | All All on Android, All on iOS, All on macOS >= 6.3.3-h2 (6.3.3-c676) on Windows*, >= 6.3.3 on Linux >= 6.2.8-h3 (6.2.8-c263) on Windows*, None on Linux None on Windows, None on Linux >= 6.0.12 on Windows*, None on Linux | 2025-08-13 | 2025-08-13 |
| 4.9 | CVE-2025-2184 Cortex XDR Broker VM: Secrets Shared Across Multiple Broker VM Images | Cortex XDR Broker VM 28.0.0 | | | 2025-08-13 | 2025-08-13 |
| 4.3 | CVE-2025-2179 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App | GlobalProtect App GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 GlobalProtect UWP App | None on Android, None on Chrome OS, None on iOS, None on Windows, None on macOS < 6.2.9 on Linux All on Linux All on Linux None | All on Android, All on Chrome OS, All on iOS, All on Windows, All on macOS >= 6.2.9 on Linux None on Linux None on Linux All | 2025-07-28 | 2025-07-28 |
| i | PAN-SA-2025-0012 Informational Bulletin: OSS CVEs Fixed in PAN-OS | | | | 2025-07-09 | 2025-07-09 |
| 8.6 | PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025) | | | | 2025-07-09 | 2025-07-09 |
| 2.4 | CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability | Autonomous Digital Experience Manager 5.6.0 | | | 2025-07-09 | 2025-08-13 |
| 4.3 | CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App | GlobalProtect App GlobalProtect App 6.3 GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 GlobalProtect UWP App | None on Android, None on Chrome OS, None on iOS, None on Windows, None on Linux < 6.3.3-h1 (6.3.3-c650) on macOS < 6.2.8-h2 (6.2.8-c243) on macOS All on macOS < 6.0.12 on macOS None | All on Android, All on Chrome OS, All on iOS, All on Windows, All on Linux >= 6.3.3-h1 (6.3.3-c650) on macOS >= 6.2.8-h2 (6.2.8-c243) on macOS None on macOS >= 6.0.12 on macOS All | 2025-07-09 | 2025-07-28 |
| 5.7 | CVE-2025-0141 GlobalProtect App: Privilege Escalation (PE) Vulnerability | GlobalProtect App GlobalProtect App 6.3 GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 GlobalProtect UWP App | None on Android, None on Chrome OS, None on iOS < 6.3.3-h1 (6.3.3-c650) on macOS, < 6.3.3-h1 (6.3.3-c650) on Windows < 6.2.8-h2 (6.2.8-c243) on macOS, < 6.2.8-h2 (6.2.8-c243) on Windows, < 6.2.8 on Linux All on macOS, All on Windows, All on Linux < 6.0.12 on macOS, < 6.0.12 on Windows, All on Linux None | All on Android, All on Chrome OS, All on iOS >= 6.3.3-h1 (6.3.3-c650) on macOS, >= 6.3.3-h1 (6.3.3-c650) on Windows >= 6.2.8-h2 (6.2.8-c243) on macOS, >= 6.2.8-h2 (6.2.8-c243) on Windows, >= 6.2.8 on Linux None on macOS, None on Windows, None on Linux >= 6.0.12 on macOS, >= 6.0.12 on Windows, None on Linux All | 2025-07-09 | 2025-07-18 |
| 8.6 | PAN-SA-2025-0011 Chromium and Prisma Access Browser: Monthly Vulnerability Update (June 2025) | | | | 2025-06-11 | 2025-06-11 |
| 5.7 | CVE-2025-4232 GlobalProtect: Authenticated Code Injection Through Wildcard on macOS | GlobalProtect App GlobalProtect App 6.3 GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 | None on Windows, Linux, Android, iOS, Chrome OS < 6.3.3 on macOS < 6.2.8-h2 [6.2.8-c243] on macOS All on macOS < 6.0.12 on macOS | All on Windows, Linux, Android, iOS, Chrome OS >= 6.3.3 on macOS >= 6.2.8-h2 [6.2.8-c243] on macOS None on macOS >= 6.0.12 on macOS | 2025-06-11 | 2025-07-16 |
| 6.1 | CVE-2025-4231 PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None None None < 11.0.3 < 10.2.8 All None | All All All >= 11.0.3 >= 10.2.8 None All | 2025-06-11 | 2025-06-11 |
| 5.7 | CVE-2025-4230 PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.6 < 11.1.6-h14, < 11.1.10 < 10.2.10-h27 < 10.1.14-h15 None | All >= 11.2.6 >= 11.1.6-h14, >= 11.1.10 >= 10.2.10-h27 >= 10.1.14-h15 All | 2025-06-11 | 2025-06-30 |
| 2.3 | CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.7 < 11.1.10 < 10.2.16-h1, < 10.2.17 < 10.1.14-h16 None | All >= 11.2.7 >= 11.1.10 >= 10.2.16-h1, >= 10.2.17 [ETA: Aug 2025] >= 10.1.14-h16 All | 2025-06-11 | 2025-06-30 |
| 1 | CVE-2025-4228 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability | | | | 2025-06-11 | 2025-06-11 |