Summary: Hackers are exploiting a critical vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS firewalls, which allows unauthenticated attackers to bypass authentication and execute PHP scripts. Despite a fix being issued, many devices remain unpatched, leading to increased exploitation attempts. The company urges immediate upgrades to specific versions to mitigate this risk.
Affected: Palo Alto Networks PAN-OS firewalls
Key points:
- Vulnerability allows unauthenticated network attackers to bypass authentication.
- Over 4,400 PAN-OS devices are currently exposed online, increasing the risk of attacks.
- Palo Alto encourages upgrades to supported versions because PAN-OS 11.0 has reached end of life and will not receive fixes.
- Threat monitoring identifies active exploitation attempts starting February 13, 2023.