CVE-2025-0111

Severity: High (CVSS 4.0 base score 7.1) · CISA KEV · EPSS 76.6%
Published: Feb 12, 2025
Last Modified: Jun 17, 2026
KEV Listed: Feb 20, 2025
KEV Due: Mar 13, 2025 (473d overdue)

Description

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). This issue does not affect Cloud NGFW or Prisma Access software.

CVSS Details

Base Score: 7.1 (CVSS 4.0, High)
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Red
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X (not defined)

Threat Intelligence

CISA Known Exploited Vulnerabilities: listed (473d overdue)
Added: Feb 20, 2025
Due: Mar 13, 2025
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

EPSS Exploit Probability: 76.6% percentile

Exploit & Patch Status: Actively Exploited (KEV); No Patch Available

Weaknesses (2)

  • CWE-610: Externally Controlled Reference to a Resource in Another Sphere
  • CWE-73: External Control of File Name or Path

Affected Products (48)

Vendor            Product  Version  Range                Entries
paloaltonetworks  pan-os   *        ≥10.1.0 – <10.1.14   1
paloaltonetworks  pan-os   *        ≥10.2.0 – <10.2.7    1
paloaltonetworks  pan-os   *        ≥10.2.10 – <10.2.12  1
paloaltonetworks  pan-os   *        ≥11.0.0 – <11.1.6    1
paloaltonetworks  pan-os   *        ≥11.2.0 – <11.2.4    1
paloaltonetworks  pan-os   10.1.14  any                  5
paloaltonetworks  pan-os   10.2.7   any                  10
paloaltonetworks  pan-os   10.2.8   any                  8
paloaltonetworks  pan-os   10.2.9   any                  8
paloaltonetworks  pan-os   10.2.12  any                  5
paloaltonetworks  pan-os   10.2.13  any                  3
paloaltonetworks  pan-os   11.1.6   any                  1
paloaltonetworks  pan-os   11.2.4   any                  3

References (2)

  • Vendor Advisory (security.paloaltonetworks.com): https://security.paloaltonetworks.com/CVE-2025-0111
  • US Government Resource (cisa.gov, Known Exploited Vulnerabilities catalog): https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0111

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.