CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices
Description
Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec.
This issue does not affect Cloud NGFWs, Prisma® Access instances, or PAN-OS VM-Series firewalls.
NOTE: The AES-128-CCM encryption algorithm is not recommended for use.
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| Cloud NGFW | None | All |
| PAN-OS 11.2 | None | All |
| PAN-OS 11.1 | < 11.1.5 | >= 11.1.5 |
| PAN-OS 11.0 | < 11.0.7 | >= 11.0.7 |
| PAN-OS 10.2 | < 10.2.11 | >= 10.2.11 |
| PAN-OS 10.1 | < 10.1.14-h14 | >= 10.1.14-h14 |
| Prisma Access | None | All |
PAN-OS 11.0, PAN-OS 10.0, and all earlier PAN-OS versions have reached their software end-of-life (EoL) dates and are no longer evaluated for vulnerabilities. For this reason, we do not intend to fix this issue in these EoL versions. You should presume that these versions are affected by this vulnerability.
Required Configuration for Exposure
You can verify whether you configured AES-128-CCM by checking IPSec profiles on your x86_64 Intel platform based firewall (Network → Network Profiles → IPSec Crypto → Encryption → AES-128-CCM).
Severity: LOW, Suggested Urgency: MODERATE
CVSS-BT: 1.3 / CVSS-B: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type and Impact
CWE-319 Cleartext Transmission of Sensitive Information
Solution
| Version | Minor Version | Suggested Solution |
|---|---|---|
| PAN-OS 11.2 | No action needed | |
| PAN-OS 11.1 | 11.1.0 through 11.1.4 | Upgrade to 11.1.5 or later |
| PAN-OS 11.0 | 11.0.0 through 11.0.6 | Upgrade to 11.0.7 or later |
| PAN-OS 10.2 | 10.2.0 through 10.2.10 | Upgrade to 10.2.11 or later |
| PAN-OS 10.1 | 10.1.0 through 10.1.14 | Upgrade to 10.1.14-h14 or later |
| All other older unsupported PAN-OS versions | Upgrade to a supported fixed version. |
PAN-OS 11.0 is EoL. We listed it in this section for completeness and because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 on any of your firewalls, though, we strongly recommend that you upgrade to a supported (non-EoL) fixed version.
Workarounds and Mitigations
Configure IPSec Crypto encryption to an algorithm that meets current security standards, such as AES-256-GCM or AES-256-CBC, on PA 7500, PA 5400, PA 5400f, PA 3400, PA 1600, PA 1400, and PA 400 series hardware PAN-OS firewalls. For more information on configuring the IPSec Crypto Profiles see our documentation.
Acknowledgments
CPEs
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.6:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*