One Article Review

The article:
Source Techworm
Identifier 8648512
Publication date 2025-02-14 21:34:33 (seen: 2025-02-14 16:53:37)
Title Palo Alto Networks Patches Critical Vulnerability In PAN-OS
Text Palo Alto Networks on Wednesday issued a security advisory stating that it has addressed a high-severity authentication bypass vulnerability in its PAN-OS software.

For those unaware, PAN-OS is software that runs all Palo Alto Networks’ next-generation firewalls (NGFWs) and security appliances. It is designed to provide advanced network security, threat prevention, and traffic management capabilities for enterprises, service providers, and government organizations.

The high-severity vulnerability, identified as CVE-2025-0108 (CVSS score: 7.8), stems from the problem of path processing by Nginx/Apache in PAN-OS. If successfully exploited, it could allow an attacker to bypass PAN-OS management web interface authentication and invoke specific PHP scripts, potentially gaining access to sensitive system data or exploiting underlying vulnerabilities.

“An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts,” Palo Alto Networks wrote in the advisory published on Wednesday. “While invoking these PHP scripts does not enable remote code execution, it can negatively impact the integrity and confidentiality of PAN-OS.”

The flaw affects multiple versions of PAN-OS, which are as follows:

PAN-OS 11.2 < 11.2.4-h4 (fixed in 11.2.4-h4 or later)
PAN-OS 11.1 < 11.1.6-h1 (fixed in 11.1.6-h1 or later)
PAN-OS 10.2 < 10.2.13-h3 (fixed in 10.2.13-h3 or later)
PAN-OS 10.1 < 10.1.14-h9 (fixed in 10.1.14-h9 or later)

Further, the PAN-OS versions PAN-OS 10.1 >= 10.1.14-h9, PAN-OS 10.2 >= 10.2.13-h3, PAN-OS 11.1 >= 11.1.6-h1, and PAN-OS 11.2 >= 11.2.4-h4 remain unaffected by the vulnerability. It also does not affect Cloud NGFW and Prisma Access software.

The company has urged all its affected customers to apply the latest patch for PAN-OS immediately. It has also advised users to review firewall logs for any suspicious activity related to the vulnerability, follow Palo Alto Networks' best practices for securing network environments, and engage in threat intelligence monitoring to stay updated on emerging risks.

The CVE-2025-0108 vulnerability was discovered by Adam Kues, a security researcher at Assetnote, which is part of Searchlight Cyber, who reported it to Palo Alto. The Assetnote researchers encountered this flaw while analyzing the patches for previous PAN-OS flaws, CVE-2024-0012 and CVE-2024-9474, that were exploited in the wild.

“Our research reveals that while Palo Alto Networks’s recent patches addressed the known vulnerabilities, the underlying architecture of PAN-OS contains additional security flaws within the same vulnerability class,” said Shubham (Shubs) Shah, CTO and Co-Founder at Assetnote. “This highlights a critica
Rating ★★★
Sent Yes
Tags Vulnerability Threat Cloud


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.