CVE-2025-0111 - Palo Alto Networks PAN-OS File Read Vulnerability
Project:Palo Alto Networks
Product:PAN-OS
Date Added:2025-02-20Due Date:2025-03-13
Vulnerability Name
Palo Alto Networks PAN-OS File Read Vulnerability
Description
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://security.paloaltonetworks.com/CVE-2025-0111
https://nvd.nist.gov/vuln/detail/CVE-2025-0111
Related News Articles
CISA flags Craft CMS code injection flaw as exploited in attacksFebruary 21, 2025
