Summary: Palo Alto Networks has confirmed that the newly identified firewall vulnerability, CVE-2025-0108, is being actively exploited, allowing unauthorized access to the device’s management interface. Discovered by Assetnote, the vulnerability can be chained with another flaw, CVE-2024-9474, for remote code execution. The company urges all users with exposed PAN-OS management interfaces to apply security updates immediately to mitigate risks.
Affected: Palo Alto Networks PAN-OS
Keypoints :
- CVE-2025-0108 is actively exploited, allowing unauthenticated access to the management interface of compromised devices.
- Exploitation attempts are observed from nearly 30 unique IP addresses, classified as ‘malicious’ by threat intelligence firm GreyNoise.
- Palo Alto Networks recommends immediate application of security updates for devices with internet-facing management interfaces to minimize risk.
Source: https://www.securityweek.com/palo-alto-networks-confirms-exploitation-of-firewall-vulnerability/
Views: 34