Palo Alto Networks Security Advisories / PAN-SA-2025-0017

PAN-SA-2025-0017 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION


Informational

JSON CSAF
Published 2025-11-02
Updated 2025-11-03
Discovered internally

Description

The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Prisma SD-WAN ION. While Prisma SD-WAN ION may include the affected OSS package, Prisma SD-WAN ION does not offer any scenarios required for an attacker to successfully exploit these vulnerabilities and is not impacted.

CVESummary
CVE-2025-61984Prisma SD-WAN ION devices do not allow the ProxyCommand directive required for exploitation, and ssh_config cannot be modified. Therefore, there is no impact.

Product Status

VersionsAffectedUnaffected
Prisma SD-WAN IONNoneAll

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of these issues in Prisma SD-WAN ION.

Solution

No software updates are required at this time.

Timeline

Initial Publication
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.