CVE-2025-0108 PAN-OS

CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.

You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines.

This issue does not affect Cloud NGFW or Prisma Access software.

Affected Systems

Versions        Affected         Unaffected
Cloud NGFW      None             All
PAN-OS 11.2     < 11.2.4-h4      >= 11.2.4-h4
PAN-OS 11.1     < 11.1.2-h18     >= 11.1.2-h18
                < 11.1.6-h1      >= 11.1.6-h1
PAN-OS 10.2     < 10.2.7-h24     >= 10.2.7-h24
                < 10.2.8-h21     >= 10.2.8-h21
                < 10.2.9-h21     >= 10.2.9-h21
                < 10.2.10-h14    >= 10.2.10-h14
                < 10.2.11-h12    >= 10.2.11-h12
                < 10.2.12-h6     >= 10.2.12-h6
                < 10.2.13-h3     >= 10.2.13-h3
PAN-OS 10.1     < 10.1.14-h9     >= 10.1.14-h9
Prisma Access   None             All

IoCs

-

Recommended Solution(s)

Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practices deployment guidelines. Specifically, you should restrict management interface access to only trusted internal IP addresses.

CVE / CWE

CVE-2025-0108

Related Website(s)

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.