The CVE-2025-0108 vulnerability is a critical security flaw in Palo Alto Networks’ PAN-OS that permits authentication bypass, exposing sensitive configurations to unauthorized users. It has a CVSS score of 7.8, posing significant risks to system integrity and confidentiality. Immediate updates to fixed versions are essential to mitigate the threat. Affected: PAN-OS 10.0-10.2, PAN-OS 11.0.
Key points:
- CVE-2025-0108 affects PAN-OS by allowing authentication bypass.
- The vulnerability can lead to unauthorized access to sensitive configurations and data.
- CVE-2025-0108 has a CVSS score of 7.8, reflecting a high risk level.
- Unpatched versions of PAN-OS 10.0-10.2 and 11.0 are particularly vulnerable.
- Palo Alto Networks recommends updating to PAN-OS 10.2.4 or later to mitigate risks.
- There are additional vulnerabilities: CVE-2025-0109 (CVSS 8.8) and CVE-2025-0110 (CVSS 7.5).
- Implementing best practices, including disabling untrusted access and regular vulnerability assessments, is critical.
- Education and training for employees on cybersecurity best practices are essential to strengthen organizational security.
MITRE Techniques:
- T1078 – Valid Accounts: Exploited via authentication bypass leading to unauthorized access.
- T1071 – Application Layer Protocol: Using application protocols to access the management interface.
- T1212 – Exploitation for Client Execution: Exploiting vulnerabilities to execute unauthorized commands.
Indicators of Compromise:
- [Domain] paloalto[.]networks
- [IoC Type] PAN-OS 10.2.4
- [IoC Type] PAN-OS 11.0
- [CVSS Score] 7.8
- [CVSS Score] 8.8