Palo Alto Networks Security Advisories

1 - 25 of 30

CVSS	Summary	Versions	Affected	Unaffected	Published	Updated
2.3	CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.7 < 11.1.10 < 10.2.16-h1, < 10.2.17 < 10.1.14-h16 None	All >= 11.2.7 >= 11.1.10 >= 10.2.16-h1, >= 10.2.17 [ETA: Aug 2025] >= 10.1.14-h16 All	2025-06-11	2025-06-30
6.1	CVE-2025-4231 PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None None < 11.0.3 < 10.2.8 All None	All All All >= 11.0.3 >= 10.2.8 None All	2025-06-11	2025-06-11
5.7	CVE-2025-4230 PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.6 < 11.1.6-h14, < 11.1.10 < 10.2.13-h7 < 10.1.14-h15 None	All >= 11.2.6 >= 11.1.6-h14, >= 11.1.10 >= 10.2.13-h7 >= 10.1.14-h15 All	2025-06-11	2025-06-30
2	CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	All < 11.2.4-h9, < 11.2.7 < 11.1.6-h14, < 11.1.10-h1 < 10.2.16-h1 All All	None (See Mitigations and Workarounds) >= 11.2.4-h9, >= 11.2.7 >= 11.1.6-h14, >= 11.1.10-h1 >= 10.2.16-h1 None None (See Mitigations and Workarounds)	2025-05-14	2025-07-09
1.1	CVE-2025-0137 PAN-OS: Improper Neutralization of Input in the Management Web Interface	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.5 < 11.1.6-h14, < 11.1.8 < 10.2.13 < 10.1.14-h14 None	All >= 11.2.5 >= 11.1.6-h14, >= 11.1.8 >= 10.2.13 >= 10.1.14-h14 All	2025-05-14	2025-07-11
1.3	CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None < 11.1.5 < 11.0.7 < 10.2.11 < 10.1.14-h14 None	All All >= 11.1.5 >= 11.0.7 >= 10.2.11 >= 10.1.14-h14 All	2025-05-14	2025-05-14
4	CVE-2025-0127 PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None on VM-Series None on VM-Series < 11.0.4 on VM-Series < 10.2.9 on VM-Series < 10.1.14-h13 on VM-Series None	All All on VM-Series All on VM-Series >= 11.0.4 on VM-Series >= 10.2.9 on VM-Series >= 10.1.14-h13 on VM-Series All	2025-04-09	2025-04-09
6.6	CVE-2025-0128 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None on PAN-OS < 11.2.3 < 11.1.5 < 11.0.6 < 10.2.10-h17 < 10.1.14-h11 < 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS	All on PAN-OS >= 11.2.3 >= 11.1.5 >= 11.0.6 >= 10.2.10-h17 >= 10.1.14-h11 >= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS	2025-04-09	2025-04-09
5.6	CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.3 < 11.1.5 < 11.0.6 < 10.2.4-h25, < 10.2.9-h13, < 10.2.10-h6, < 10.2.11 < 10.1.14-h11 < 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS	All >= 11.2.3 >= 11.1.5 >= 11.0.6 >= 10.2.4-h25, >= 10.2.9-h13, >= 10.2.10-h6, >= 10.2.11 >= 10.1.14-h11 >= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS	2025-04-09	2025-04-09
4.4	CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.5 < 11.1.5 < 11.0.6 < 10.2.10-h19, < 10.2.11 < 10.1.14-h11 None	All >= 11.2.5 >= 11.1.5 >= 11.0.6 >= 10.2.10-h19, >= 10.2.11 >= 10.1.14-h11 All	2025-04-09	2025-06-12
2	CVE-2025-0124 PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	All < 11.2.1 < 11.1.5 < 11.0.6 < 10.2.10 < 10.1.14-h11 None	None (ETA end of April) >= 11.2.1 >= 11.1.5 >= 11.0.6 >= 10.2.10 >= 10.1.14-h11 All	2025-04-09	2025-04-09
1.9	CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.6 < 11.1.6-h10, < 11.1.8 < 10.2.10-h21, < 10.2.15 < 10.1.14-h13 None	All >= 11.2.6 >= 11.1.6-h10, >= 11.1.8 >= 10.2.10-h21, >= 10.2.15 >= 10.1.14-h13 All	2025-04-09	2025-07-11
4.6	CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None None < 11.0.2 < 10.2.5 < 10.1.14-h11 None	All All All >= 11.0.2 >= 10.2.5 >= 10.1.14-h11 All	2025-03-12	2025-03-12
4.3	CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.3 < 11.1.4-h17, < 11.1.5 < 11.0.6 < 10.2.10-h18, < 10.2.11 < 10.1.14-h11 None	All >= 11.2.3 >= 11.1.4-h17, >= 11.1.5 >= 11.0.6 >= 10.2.10-h18, >= 10.2.11 >= 10.1.14-h11 All	2025-03-12	2025-06-12
4.3	CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.5 < 11.1.4-h17, < 11.1.6-h6, < 11.1.8 < 10.2.10-h17, < 10.2.13-h5, < 10.2.14 < 10.1.14-h11 None	All >= 11.2.5 >= 11.1.4-h17, >= 11.1.6-h6, >= 11.1.8 >= 10.2.10-h17, >= 10.2.13-h5, >= 10.2.14 >= 10.1.14-h11 All	2025-03-12	2025-04-04
8.8	CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.4-h4, < 11.2.5 < 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1 < 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3 < 10.1.14-h9 None	All >= 11.2.4-h4, >= 11.2.5 >= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1 >= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3 >= 10.1.14-h9 All	2025-02-12	2025-03-06
5.5	CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.4-h4, < 11.2.5 < 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1 < 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3 < 10.1.14-h9 None	All >= 11.2.4-h4, >= 11.2.5 >= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1 >= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3 >= 10.1.14-h9 All	2025-02-12	2025-03-06
7.1	CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.4-h4, < 11.2.5 < 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1 < 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3 < 10.1.14-h9 None	All >= 11.2.4-h4, >= 11.2.5 >= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1 >= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3 >= 10.1.14-h9 All	2025-02-12	2025-03-06
1	CVE-2024-5920 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None < 11.1.4 < 11.0.6 < 10.2.7-h24, < 10.2.10-h14, < 10.2.11 < 10.1.14 None	All All >= 11.1.4 >= 11.0.6 >= 10.2.7-h24, >= 10.2.10-h14, >= 10.2.11 >= 10.1.14 All	2024-11-13	2025-04-30
0.5	CVE-2024-5917 PAN-OS: Server-Side Request Forgery in WildFire	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1	None None None None < 10.2.2 < 10.1.7	All All All All >= 10.2.2 >= 10.1.7	2024-11-13	2025-01-22
4.3	CVE-2024-2552 PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.4 < 11.1.4-h9, < 11.1.5 < 11.0.6 < 10.2.7-h21, < 10.2.8-h18, < 10.2.9-h18, < 10.2.10-h10, < 10.2.11-h9, < 10.2.12 None None	All >= 11.2.4 >= 11.1.4-h9, >= 11.1.5 >= 11.0.6 >= 10.2.7-h21, >= 10.2.8-h18, >= 10.2.9-h18, >= 10.2.10-h10, >= 10.2.11-h9, >= 10.2.12 All All	2024-11-13	2025-01-06
6.6	CVE-2024-2550 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None < 11.1.4-h9, < 11.1.5 < 11.0.6 < 10.2.7-h21, < 10.2.8-h18, < 10.2.9-h18, < 10.2.10-h10, < 10.2.11 None None	All All >= 11.1.4-h9, >= 11.1.5 >= 11.0.6 >= 10.2.7-h21, >= 10.2.8-h18, >= 10.2.9-h18, >= 10.2.10-h10, >= 10.2.11 All All	2024-11-13	2025-01-06
6.6	CVE-2024-9472 PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None < 11.2.2-h3, < 11.2.3 < 11.1.2-h14, < 11.1.3-h10 None < 10.2.7-h16, < 10.2.8-h13, < 10.2.9-h14, < 10.2.10-h7, < 10.2.11-h4 None None	All >= 11.2.2-h3, >= 11.2.3 >= 11.1.2-h14, >= 11.1.3-h10 All >= 10.2.7-h16, >= 10.2.8-h13, >= 10.2.9-h14, >= 10.2.10-h7, >= 10.2.11-h4 All All	2024-11-13	2024-11-13
6.6	CVE-2024-2551 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None None < 11.0.5 < 10.2.4-h6, < 10.2.5 < 10.1.14 None	All All All >= 11.0.5 >= 10.2.4-h6, >= 10.2.5 >= 10.1.14 All	2024-11-13	2024-11-13
1.2	CVE-2024-5919 PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	None None None < 11.0.2 < 10.2.5 < 10.1.10 None	All All All >= 11.0.2 >= 10.2.5 >= 10.1.10 All	2024-11-13	2024-11-13

1 - 25 of 30 Download

Palo Alto Networks Security Advisories

Super Users: Setup Emergency Security Contacts (ESC) for Product Security Alerts