Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool

Summary: Palo Alto Networks has released patches for multiple vulnerabilities in its Expedition migration tool, including a high-severity SQL injection flaw that could lead to sensitive information disclosure. The tool, which is no longer supported as of December 31, 2024, poses significant risks if not properly managed.

Threat Actor: Authenticated attackers
Victim: Users of Expedition tool

Key Points:

  • High-severity SQL injection vulnerability (CVE-2025-0103) allows attackers to read sensitive database contents and create/delete files.
  • The Expedition tool is retired and will not receive further updates; users are urged to find alternatives.
  • Customers are advised to restrict network access and shut down the tool if not in use.
  • Recent updates also address six Chromium vulnerabilities in the Prisma Access Browser.

Source: https://www.securityweek.com/palo-alto-networks-patches-high-severity-vulnerability-in-retired-migration-tool/