CVSS Summary Versions Affected Unaffected Published Updated 1.3 CVE-2025-0136
PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.5
< 11.0.7
< 10.2.11
< 10.1.14-h14
None
All
All
>= 11.1.5
>= 11.0.7
>= 10.2.11
>= 10.1.14-h14
All
2025-05-14 2025-05-14 6.6 CVE-2025-0128
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None on PAN-OS
< 11.2.3
< 11.1.5
< 11.0.6
< 10.2.10-h17
< 10.1.14-h11
< 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS
All on PAN-OS
>= 11.2.3
>= 11.1.5
>= 11.0.6
>= 10.2.10-h17
>= 10.1.14-h11
>= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS
2025-04-09 2025-04-09 5.6 CVE-2025-0126
PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.3
< 11.1.5
< 11.0.6
< 10.2.4-h25, < 10.2.9-h13, < 10.2.10-h6, < 10.2.11
< 10.1.14-h11
< 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS
All
>= 11.2.3
>= 11.1.5
>= 11.0.6
>= 10.2.4-h25, >= 10.2.9-h13, >= 10.2.10-h6, >= 10.2.11
>= 10.1.14-h11
>= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS
2025-04-09 2025-04-09 4.4 CVE-2025-0125
PAN-OS: Improper Neutralization of Input in the Management Web Interface Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.5
< 11.0.6
< 10.2.10-h19, < 10.2.11
< 10.1.14-h11
None
All
>= 11.2.5
>= 11.1.5
>= 11.0.6
>= 10.2.10-h19, >= 10.2.11
>= 10.1.14-h11
All
2025-04-09 2025-06-12 2 CVE-2025-0124
PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
All
< 11.2.1
< 11.1.5
< 11.0.6
< 10.2.10
< 10.1.14-h11
None
None (ETA end of April)
>= 11.2.1
>= 11.1.5
>= 11.0.6
>= 10.2.10
>= 10.1.14-h11
All
2025-04-09 2025-04-09 4.3 CVE-2025-0115
PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.3
< 11.1.4-h17, < 11.1.5
< 11.0.6
< 10.2.10-h18, < 10.2.11
< 10.1.14-h11
None
All
>= 11.2.3
>= 11.1.4-h17, >= 11.1.5
>= 11.0.6
>= 10.2.10-h18, >= 10.2.11
>= 10.1.14-h11
All
2025-03-12 2025-06-12 4.3 CVE-2024-2552
PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI) Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4
< 11.1.4-h9, < 11.1.5
< 11.0.6
< 10.2.7-h21, < 10.2.8-h18, < 10.2.9-h18, < 10.2.10-h10, < 10.2.11-h9, < 10.2.12
None
None
All
>= 11.2.4
>= 11.1.4-h9, >= 11.1.5
>= 11.0.6
>= 10.2.7-h21, >= 10.2.8-h18, >= 10.2.9-h18, >= 10.2.10-h10, >= 10.2.11-h9, >= 10.2.12
All
All
2024-11-13 2025-01-06 6.6 CVE-2024-2550
PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.4-h9, < 11.1.5
< 11.0.6
< 10.2.7-h21, < 10.2.8-h18, < 10.2.9-h18, < 10.2.10-h10, < 10.2.11
None
None
All
All
>= 11.1.4-h9, >= 11.1.5
>= 11.0.6
>= 10.2.7-h21, >= 10.2.8-h18, >= 10.2.9-h18, >= 10.2.10-h10, >= 10.2.11
All
All
2024-11-13 2025-01-06 1 CVE-2024-5920
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.4
< 11.0.6
< 10.2.7-h24, < 10.2.10-h14, < 10.2.11
< 10.1.14
None
All
All
>= 11.1.4
>= 11.0.6
>= 10.2.7-h24, >= 10.2.10-h14, >= 10.2.11
>= 10.1.14
All
2024-11-13 2025-04-30 8.2 CVE-2024-9468
PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.3
< 11.0.4-h5, < 11.0.6
< 10.2.4-h24, < 10.2.7-h24, < 10.2.8-h20, < 10.2.9-h11, < 10.2.10-h4, < 10.2.11
None
None
All
All
>= 11.1.3
>= 11.0.4-h5, >= 11.0.6
>= 10.2.4-h24, >= 10.2.7-h24, >= 10.2.8-h20, >= 10.2.9-h11, >= 10.2.10-h4, >= 10.2.11
All
All
2024-10-09 2025-04-30 5.3 CVE-2024-3596
PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
Prisma Access
None
None
< 11.1.3
< 11.0.4-h5, < 11.0.6
< 10.2.4-h21, < 10.2.7-h21, < 10.2.8-h20, < 10.2.9-h8, < 10.2.10
< 10.1.12-h4, < 10.1.14
< 9.1.19
None
All
All
>= 11.1.3
>= 11.0.4-h5, >= 11.0.6
>= 10.2.4-h21, >= 10.2.7-h21, >= 10.2.8-h20, >= 10.2.9-h8, >= 10.2.10
>= 10.1.12-h4, >= 10.1.14
>= 9.1.19
All
2024-07-10 2025-04-30
