CVE-2025-0115
Description
A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files. The attacker must have network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management interface to only trusted users and internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access.
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-0115? +
How do I check if I'm vulnerable to CVE-2025-0115? +
Related Vulnerabilities
An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.11 may …
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before 18.11.1 that …
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in …
Windows Security Zone Mapping Security Feature Bypass Vulnerability
In lunary-ai/lunary, the privilege check mechanism is flawed in version git afc5df4. The system incorrectly identifies certain endpoints as public …
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file. IBM …