CVE-2025-4231

PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface

CVSS 8.6 HIGHEPSS 1.0%CWE-77

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8.6EPSS 1.0%KEV nãoPoC —Patch referenciado

Ciclo de vida

12 jun 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber

Produtos afetados

Palo Alto Networks · Cloud NGFW Palo Alto Networks · PAN-OS Palo Alto Networks · Prisma Access

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://security.paloaltonetworks.com/CVE-2025-4231