CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 11, 2025
High
CISA KEVCVE-2025-0108
Palo Alto Networks—PAN-OS
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.
Required Action
https://security.paloaltonetworks.com/CVE-2025-0108 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0108
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Feb 18, 2025
- KEV Added
- Feb 18, 2025
- Due Date
- Mar 11, 2025
- Related Articles
- 0
Vendor
Palo Alto Networks
PAN-OS