Palo Alto Networks Security Advisories

Clear
version
severity
product
Clear
Found 3
VersionsAffectedUnaffected
3.3CVE-2025-2182 PAN-OS: Firewall Clusters using the MACsec Protocol Expose the Connectivity Association Key (CAK)
Cloud NGFW
PAN-OS
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None on devices other than PA-7500
< 11.2.8 on PA-7500
< 11.1.10 on PA-7500
None on PA-7500
None on PA-7500
None
All
All on devices other than PA-7500
>= 11.2.8 on PA-7500
>= 11.1.10 on PA-7500
All on PA-7500
All on PA-7500
All
2025-08-132025-08-13
2.3CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.7
< 11.1.10
< 10.2.16-h1, < 10.2.17
< 10.1.14-h16
None
All
>= 11.2.7
>= 11.1.10
>= 10.2.16-h1, >= 10.2.17 [ETA: Aug 2025]
>= 10.1.14-h16
All
2025-06-112025-06-30
2CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
All
< 11.2.4-h9, < 11.2.7
< 11.1.6-h14, < 11.1.10-h1
< 10.2.16-h1
All
All
None (See Mitigations and Workarounds)
>= 11.2.4-h9, >= 11.2.7
>= 11.1.6-h14, >= 11.1.10-h1
>= 10.2.16-h1
None
None (See Mitigations and Workarounds)
2025-05-142025-07-09
Download
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.