CVE-2025-4229
Description
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW and Prisma® Access are not affected by this vulnerability.
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-4229? +
How do I check if I'm vulnerable to CVE-2025-4229? +
Related Vulnerabilities
Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere …
An Exposure of Sensitive System Information to an Unauthorized Control Sphere and Initialization of a Resource with an Insecure Default …
SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope. Prior …
The affected products could allow an unauthenticated attacker to access system information that could enable further access to sensitive files …
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability …
MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious …