CVE-2025-0111

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 12, 2025

Updated: Feb 21, 2025

CWE ID 610

CWE ID 73

Summary

CVE-2025-0111 is an authenticated file read vulnerability affecting Palo Alto Networks PAN-OS software. An attacker with network access to the management web interface can read files on the PAN-OS filesystem that have "nobody" user permissions. To minimize the risk, it is recommended to restrict access to the management web interface solely to trusted internal IP addresses, as outlined in Palo Alto's best practices deployment guidelines. This vulnerability does not affect Cloud NGFW or Prisma Access software.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

PAN-OS

Affected Vendors

Palo Alto Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3DSNPd
https://www.cve.org/CVERecord?id=CVE-2025-0111
https://nvd.nist.gov/vuln/detail/CVE-2025-0111

Back to Vulnerability Database