Palo Alto Networks Security Advisories

Clear
version
severity
product
Clear
1 - 25 of 140
VersionsAffectedUnaffected
7.1CVE-2025-4232 GlobalProtect: Authenticated Code Injection Through Wildcard on macOS
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
None on Windows, Linux, Android, iOS, Chrome OS
< 6.3.3 on macOS
< 6.2.8-h2 on macOS
All on macOS
All on macOS
All on Windows, Linux, Android, iOS, Chrome OS
>= 6.3.3 on macOS
>= 6.2.8-h2 on macOS [ETA June 2025]
None on macOS
None on macOS
2025-06-112025-06-11
6.1CVE-2025-4231 PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.3
< 10.2.8
All
None
All
All
All
>= 11.0.3
>= 10.2.8
None
All
2025-06-112025-06-11
5.7CVE-2025-4230 PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.6
< 11.1.10
< 10.2.14
< 10.1.14-h15
None
All
>= 11.2.6
>= 11.1.10
>= 10.2.14
>= 10.1.14-h15
All
2025-06-112025-06-11
2.3CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.7
< 11.1.10
< 10.2.17
< 10.1.14-h16
None
All
>= 11.2.7 [ETA: June 2025]
>= 11.1.10
>= 10.2.17
>= 10.1.14-h16 [ETA: July 2025]
All
2025-06-112025-06-11
0.3CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
None on Linux, Android, iOS, Chrome OS, UWP ¹
< 6.3.3-650 on Windows, macOS
< 6.2.8-h2 (ETA: June, 2025) on Windows, macOS
All on Windows, macOS
All on Windows, macOS
All on Linux, Android, iOS, Chrome OS, UWP ¹
>= 6.3.3-650 on Windows, macOS
>= 6.2.8-h2 (ETA: June, 2025) on Windows, macOS
None on Windows, macOS
None on Windows, macOS
2025-06-112025-06-13
4.6CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.6-h1, < 11.1.7-h2, < 11.1.8
None
None
None
All
>= 11.2.5
>= 11.1.6-h1, >= 11.1.7-h2, >= 11.1.8
All
All
All
2025-05-142025-05-14
2CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.7
< 11.1.11
< 10.2.17
All
None
All
>= 11.2.7 [ETA June 2025]
>= 11.1.11 [ETA July 2025]
>= 10.2.17 [ETA August 2025]
None
All
2025-05-142025-05-21
1.9CVE-2025-0135 GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect UWP App
None on Android, None on Chrome OS, None on iOS, None on Windows, None on Linux
< 6.3.3 on macOS
< 6.2.8 on macOS
All on macOS
All on macOS
None
All on Android, All on Chrome OS, All on iOS, All on Windows, All on Linux
>= 6.3.3 on macOS
>= 6.2.8 on macOS
None on macOS
None on macOS
All
2025-05-142025-06-06
1.3CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.5
< 11.0.7
< 10.2.11
< 10.1.14-h14
None
All
All
>= 11.1.5
>= 11.0.7
>= 10.2.11
>= 10.1.14-h14
All
2025-05-142025-05-14
4CVE-2025-0120 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect UWP App
None on macOS, None on Linux, None on iOS, None on Android, None on Chrome OS
< 6.3.3 on Windows
< 6.2.7-1077 on Windows, < 6.2.8 on Windows
All on Windows
< 6.0.12 on Windows
None
All on macOS, All on Linux, All on iOS, All on Android, All on Chrome OS
>= 6.3.3 on Windows
>= 6.2.7-1077 on Windows, >= 6.2.8 on Windows
None on Windows
>= 6.0.12 on Windows (ETA: May 2025)
All
2025-04-092025-05-02
1.9CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.6
< 11.1.8
< 10.2.15
< 10.1.14-h13
None
All
>= 11.2.6
>= 11.1.8
>= 10.2.15
>= 10.1.14-h13
All
2025-04-092025-04-09
2CVE-2025-0124 PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
All
< 11.2.1
< 11.1.5
< 11.0.6
< 10.2.10
< 10.1.14-h11
None
None (ETA end of April)
>= 11.2.1
>= 11.1.5
>= 11.0.6
>= 10.2.10
>= 10.1.14-h11
All
2025-04-092025-04-09
4.4CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.5
< 11.0.6
< 10.2.10-h19, < 10.2.11
< 10.1.14-h11
None
All
>= 11.2.5
>= 11.1.5
>= 11.0.6
>= 10.2.10-h19, >= 10.2.11
>= 10.1.14-h11
All
2025-04-092025-06-12
5.6CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.3
< 11.1.5
< 11.0.6
< 10.2.4-h25, < 10.2.9-h13, < 10.2.10-h6, < 10.2.11
< 10.1.14-h11
< 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS
All
>= 11.2.3
>= 11.1.5
>= 11.0.6
>= 10.2.4-h25, >= 10.2.9-h13, >= 10.2.10-h6, >= 10.2.11
>= 10.1.14-h11
>= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS
2025-04-092025-04-09
4CVE-2025-0127 PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None on VM-Series
None on VM-Series
< 11.0.4 on VM-Series
< 10.2.9 on VM-Series
< 10.1.14-h13 on VM-Series
None
All
All on VM-Series
All on VM-Series
>= 11.0.4 on VM-Series
>= 10.2.9 on VM-Series
>= 10.1.14-h13 on VM-Series
All
2025-04-092025-04-09
6.6CVE-2025-0128 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None on PAN-OS
< 11.2.3
< 11.1.5
< 11.0.6
< 10.2.10-h17
< 10.1.14-h11
< 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS
All on PAN-OS
>= 11.2.3
>= 11.1.5
>= 11.0.6
>= 10.2.10-h17
>= 10.1.14-h11
>= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS
2025-04-092025-04-09
2.2CVE-2025-0118 GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect UWP App
None on macOS, Linux, iOS, Android, Chrome OS
< 6.3.3 on Windows
< 6.2.5 on Windows
< 6.1.6 on Windows
< 6.0.11 on Windows
None
All on macOS, Linux, iOS, Android, Chrome OS
>= 6.3.3 on Windows
>= 6.2.5 on Windows
>= 6.1.6 on Windows
>= 6.0.11 on Windows
All
2025-03-122025-03-12
4.3CVE-2025-0117 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect UWP App
None on iOS, None on Android, None on Chrome OS, None on macOS
< 6.3.3 on Windows
< 6.2.6 on Windows
All on Windows
All on Windows
None
All on iOS, All on Android, All on Chrome OS, All on macOS
>= 6.3.3 on Windows*
>= 6.2.6 on Windows*
None on Windows
None on Windows (Fix version ETA: May 2025)
All
2025-03-122025-05-01
4.3CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.4-h17, < 11.1.6-h6, < 11.1.8
< 10.2.10-h17, < 10.2.13-h5, < 10.2.14
< 10.1.14-h11
None
All
>= 11.2.5
>= 11.1.4-h17, >= 11.1.6-h6, >= 11.1.8
>= 10.2.10-h17, >= 10.2.13-h5, >= 10.2.14
>= 10.1.14-h11
All
2025-03-122025-04-04
4.3CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.3
< 11.1.4-h17, < 11.1.5
< 11.0.6
< 10.2.10-h18, < 10.2.11
< 10.1.14-h11
None
All
>= 11.2.3
>= 11.1.4-h17, >= 11.1.5
>= 11.0.6
>= 10.2.10-h18, >= 10.2.11
>= 10.1.14-h11
All
2025-03-122025-06-12
4.6CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.2
< 10.2.5
< 10.1.14-h11
None
All
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.14-h11
All
2025-03-122025-03-12
iPAN-SA-2025-0005 GlobalProtect Clientless VPN: Clientless VPN Misconfiguration Allows Cross-Site Attacks
Cloud NGFW
PAN-OS
Prisma Access
None
All
All
All
None
None
2025-02-122025-02-12
7.1CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
5.5CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
8.8CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
1 - 25 of 140 Download
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.