CVE-2025-4231

PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface

CVSS 8.6 HIGHEPSS 1.0%CWE-77

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.6EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

12 Jun 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber

Affected products

Palo Alto Networks · Cloud NGFW Palo Alto Networks · PAN-OS Palo Alto Networks · Prisma Access

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://security.paloaltonetworks.com/CVE-2025-4231