CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-0115: PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI

6.8 CVSS

Description

A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files.

This issue does not affect Cloud NGFW or Prisma Access.

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.8

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber

Vendor: Palo Alto Networks, Palo Alto Networks, Palo Alto Networks

Product: PAN-OS, Cloud NGFW, Prisma Access

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 0.75% (scored less or equal to compared to others)

EPSS Date: 2025-04-10 (when was this score calculated)

2025-03-12 16:15:20 UTC
Palo Alto Networks Security Advisories

CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI (Severity: MEDIUM)
2025-03-12 19:40:15 UTC
CVE

PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI