CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-0132: Cortex XDR Broker VM: Unauthenticated User Can Disable Internal Services

6.9 CVSS

Description

A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM.

The attacker must have network access to the Broker VM to exploit this issue.

Classification

CVE ID: CVE-2025-0132

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.9

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber

Problem Types

CWE-306 Missing Authentication for Critical Function

Affected Products

Vendor: Palo Alto Networks

Product: Cortex XDR Broker VM

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.1% (probability of being exploited)

EPSS Percentile: 29.18% (scored less or equal to compared to others)

EPSS Date: 2025-06-12 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0132
https://security.paloaltonetworks.com/CVE-2025-0132

Timeline

2025-05-14 16:30:43 UTC
Palo Alto Networks Security Advisories

CVE-2025-0132 Cortex XDR Broker VM: Unauthenticated User Can Disable Internal Services (Severity: LOW)
2025-05-14 19:40:16 UTC
CVE

Cortex XDR Broker VM: Unauthenticated User Can Disable Internal Services