Palo Alto Networks Security Advisories

Clear
version
severity
product
Clear
1 - 25 of 249
VersionsAffectedUnaffected
5.7CVE-2025-4230 PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.6
< 11.1.6-h14, < 11.1.10
< 10.2.13-h7
< 10.1.14-h15
None
All
>= 11.2.6
>= 11.1.6-h14, >= 11.1.10
>= 10.2.13-h7
>= 10.1.14-h15
All
2025-06-112025-06-30
6.1CVE-2025-4231 PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.3
< 10.2.8
All
None
All
All
All
>= 11.0.3
>= 10.2.8
None
All
2025-06-112025-06-11
4.6CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.6-h1, < 11.1.7-h2, < 11.1.8
None
None
None
All
>= 11.2.5
>= 11.1.6-h1, >= 11.1.7-h2, >= 11.1.8
All
All
All
2025-05-142025-05-14
6.6CVE-2025-0128 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None on PAN-OS
< 11.2.3
< 11.1.5
< 11.0.6
< 10.2.10-h17
< 10.1.14-h11
< 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS
All on PAN-OS
>= 11.2.3
>= 11.1.5
>= 11.0.6
>= 10.2.10-h17
>= 10.1.14-h11
>= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS
2025-04-092025-04-09
4CVE-2025-0127 PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None on VM-Series
None on VM-Series
< 11.0.4 on VM-Series
< 10.2.9 on VM-Series
< 10.1.14-h13 on VM-Series
None
All
All on VM-Series
All on VM-Series
>= 11.0.4 on VM-Series
>= 10.2.9 on VM-Series
>= 10.1.14-h13 on VM-Series
All
2025-04-092025-04-09
4.4CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.5
< 11.0.6
< 10.2.10-h19, < 10.2.11
< 10.1.14-h11
None
All
>= 11.2.5
>= 11.1.5
>= 11.0.6
>= 10.2.10-h19, >= 10.2.11
>= 10.1.14-h11
All
2025-04-092025-06-12
5.6CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.3
< 11.1.5
< 11.0.6
< 10.2.4-h25, < 10.2.9-h13, < 10.2.10-h6, < 10.2.11
< 10.1.14-h11
< 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS
All
>= 11.2.3
>= 11.1.5
>= 11.0.6
>= 10.2.4-h25, >= 10.2.9-h13, >= 10.2.10-h6, >= 10.2.11
>= 10.1.14-h11
>= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS
2025-04-092025-04-09
4.3CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.3
< 11.1.4-h17, < 11.1.5
< 11.0.6
< 10.2.10-h18, < 10.2.11
< 10.1.14-h11
None
All
>= 11.2.3
>= 11.1.4-h17, >= 11.1.5
>= 11.0.6
>= 10.2.10-h18, >= 10.2.11
>= 10.1.14-h11
All
2025-03-122025-06-12
4.6CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.2
< 10.2.5
< 10.1.14-h11
None
All
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.14-h11
All
2025-03-122025-03-12
4.3CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.4-h17, < 11.1.6-h6, < 11.1.8
< 10.2.10-h17, < 10.2.13-h5, < 10.2.14
< 10.1.14-h11
None
All
>= 11.2.5
>= 11.1.4-h17, >= 11.1.6-h6, >= 11.1.8
>= 10.2.10-h17, >= 10.2.13-h5, >= 10.2.14
>= 10.1.14-h11
All
2025-03-122025-04-04
8.8CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
7.1CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
5.5CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
7.8PAN-SA-2025-0001 Expedition: Multiple Vulnerabilities in Expedition Migration Tool Lead to Exposure of Firewall Credentials
Cloud NGFW
Expedition 1
Panorama
PAN-OS
Prisma Access
None
< 1.2.101
None
None
None
All
>= 1.2.101
All
All
All
2025-01-082025-01-15
8.7CVE-2024-3393 PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet
Cloud NGFW
PAN-OS
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
Prisma Access
None
None on Panorama
< 11.2.3
< 11.1.2-h16, < 11.1.3-h13, < 11.1.4-h7, < 11.1.5
>= 10.2.8, < 10.2.8-h19, < 10.2.9-h19, < 10.2.10-h12, < 10.2.11-h10, < 10.2.12-h4, < 10.2.13-h2, < 10.2.14
>= 10.1.14, < 10.1.14-h8, < 10.1.15
None
None
>= 10.2.8 on PAN-OS, < 10.2.9-h19 on PAN-OS, < 10.2.10-h12 on PAN-OS, < 11.2.3 on PAN-OS
All
All on Panorama
>= 11.2.3
>= 11.1.2-h16, >= 11.1.3-h13, >= 11.1.4-h7, >= 11.1.5
< 10.2.8, >= 10.2.8-h19, >= 10.2.9-h19, >= 10.2.10-h12, >= 10.2.11-h10, >= 10.2.12-h4, >= 10.2.13-h2, >= 10.2.14
< 10.1.14, >= 10.1.14-h8, >= 10.1.15
All
All
< 10.2.8 on PAN-OS, >= 10.2.9-h19 on PAN-OS, >= 10.2.10-h12 on PAN-OS, >= 11.2.3 on PAN-OS
2024-12-272025-01-30
9.3CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.0-h1, < 11.2.1-h1, < 11.2.2-h2, < 11.2.3-h3, < 11.2.4-h1
< 11.1.0-h4, < 11.1.1-h2, < 11.1.2-h15, < 11.1.3-h11, < 11.1.4-h7, < 11.1.5-h1
< 11.0.0-h4, <  11.0.1-h5, < 11.0.2-h5, < 11.0.3-h13, < 11.0.4-h6, <  11.0.5-h2, < 11.0.6-h1
< 10.2.0-h4, < 10.2.1-h3, <  10.2.2-h6, < 10.2.3-h14, < 10.2.4-h32, < 10.2.5-h9, < 10.2.6-h6, < 10.2.7-h18, < 10.2.8-h15, < 10.2.9-h16, <  10.2.10-h9, < 10.2.11-h6, < 10.2.12-h2
None
None
All
>= 11.2.0-h1, >= 11.2.1-h1, >= 11.2.2-h2, >= 11.2.3-h3, >= 11.2.4-h1
>= 11.1.0-h4, >= 11.1.1-h2, >= 11.1.2-h15, >= 11.1.3-h11, >= 11.1.4-h7, >= 11.1.5-h1
>= 11.0.0-h4, >=  11.0.1-h5, >= 11.0.2-h5, >= 11.0.3-h13, >= 11.0.4-h6, >=  11.0.5-h2, >= 11.0.6-h1
>= 10.2.0-h4, >= 10.2.1-h3, >=  10.2.2-h6, >= 10.2.3-h14, >= 10.2.4-h32, >= 10.2.5-h9, >= 10.2.6-h6, >= 10.2.7-h18, >= 10.2.8-h15, >= 10.2.9-h16, >=  10.2.10-h9, >= 10.2.11-h6, >= 10.2.12-h2
All
All
2024-11-182025-03-03
6.9CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.0-h1, < 11.2.1-h1, < 11.2.2-h2, < 11.2.3-h3, < 11.2.4-h1
< 11.1.0-h4, < 11.1.1-h2, < 11.1.2-h15, < 11.1.3-h11, < 11.1.4-h7, < 11.1.5-h1
< 11.0.0-h4, < 11.0.1-h5, < 11.0.2-h5, < 11.0.3-h13, < 11.0.4-h6, < 11.0.5-h2, < 11.0.6-h1
< 10.2.0-h4, < 10.2.1-h3, < 10.2.2-h6, < 10.2.3-h14, < 10.2.4-h32, < 10.2.5-h9, < 10.2.6-h6, < 10.2.7-h18, < 10.2.8-h15, < 10.2.9-h16, < 10.2.10-h9, < 10.2.11-h6, < 10.2.12-h2
< 10.1.3-h4, < 10.1.6-h9, < 10.1.8-h8, < 10.1.9-h14, < 10.1.10-h9, < 10.1.11-h10, < 10.1.12-h3, < 10.1.13-h5, < 10.1.14-h6
None
All
>= 11.2.0-h1, >= 11.2.1-h1, >= 11.2.2-h2, >= 11.2.3-h3, >= 11.2.4-h1
>= 11.1.0-h4, >= 11.1.1-h2, >= 11.1.2-h15, >= 11.1.3-h11, >= 11.1.4-h7, >= 11.1.5-h1
>= 11.0.0-h4, >= 11.0.1-h5, >= 11.0.2-h5, >= 11.0.3-h13, >= 11.0.4-h6, >= 11.0.5-h2, >= 11.0.6-h1
>= 10.2.0-h4, >= 10.2.1-h3, >= 10.2.2-h6, >= 10.2.3-h14, >= 10.2.4-h32, >= 10.2.5-h9, >= 10.2.6-h6, >= 10.2.7-h18, >= 10.2.8-h15, >= 10.2.9-h16, >= 10.2.10-h9, >= 10.2.11-h6, >= 10.2.12-h2
>= 10.1.3-h4, >= 10.1.6-h9, >= 10.1.8-h8, >= 10.1.9-h14, >= 10.1.10-h9, >= 10.1.11-h10, >= 10.1.12-h3, >= 10.1.13-h5, >= 10.1.14-h6
All
2024-11-182024-11-21
6.6CVE-2024-2550 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.4-h9, < 11.1.5
< 11.0.6
< 10.2.7-h21, < 10.2.8-h18, < 10.2.9-h18, < 10.2.10-h10, < 10.2.11
None
None
All
All
>= 11.1.4-h9, >= 11.1.5
>= 11.0.6
>= 10.2.7-h21, >= 10.2.8-h18, >= 10.2.9-h18, >= 10.2.10-h10, >= 10.2.11
All
All
2024-11-132025-01-06
1 - 25 of 249 Download
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.