Close Menu
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
What's Hot

Taylor Swift and Travis Kelsey wed in New York

Taylor Swift & Travis Kelce’s Relationship: A Timeline

Taylor Swift’s wedding guests wore monochrome gold, red and black

Facebook X (Twitter) Instagram
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
Facebook X (Twitter) Instagram
FYMOUS News
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
FYMOUS News
Home » Palo Alto Networks Patch Authentication Bypass Exploit with PALO-OS Software
Celebrities

Palo Alto Networks Patch Authentication Bypass Exploit with PALO-OS Software

By February 13, 2025No Comments2 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

February 13, 2025Ravi LakshmananNetwork Security/Vulnerabilities

Exploit with PAN-OS software

Palo Alto Networks addresses the advanced security flaws in Pan-OS software that can result in authentication bypassing.

The vulnerability tracked as CVE-2025-0108 has a CVSS score of 7.8 out of 10.0. However, if access to the management interface is restricted to a jumpbox, the score will drop to 5.1.

“Palo Alto Networks Pan-OS software authentication bypassing enables unauthorized attackers with network access to the management web interface, bypassing the required authentication for the PAN-OS management web interface, and allowing specific PHP scripts to be used. I’ll call you” in the advisory.

“While calling these PHP scripts does not enable remote code execution, it can have a negative impact on the integrity and confidentiality of PAN-OS.”

The vulnerability affects the following versions –

PAN-OS 11.2 <11.2.4-H4(> = Fixed to 11.2.4-H4) PAN-OS 11.1 <11.1.6-H1(> = Fixed at 11.1.6-H1) PAN-OS 11.0 (Fixed fixed version supported as end-of-life status was reached on 17 November 2024) PAN-OS 10.2 <10.2.13-H3(> = 10.2.13-H3 Pan-H3-H3-H3 <10.1.14-H9( > = Fixed in 10.1.14-H9)

Searchlight Cyber/Assetnote Security Researcher Adam Kues has been admitted to discovering and reporting the defect, and the security flaws are related to inconsistencies in the way the interface’s Nginx and Apache components handle incoming requests He said.

Cybersecurity

Palo Alto Networks has also sent out an update to resolve two other defects –

CVE-2025-0109 (CVSS score: 5.5) – Palo Alto Alto Networks Pan-OS Management Web interface uncertified file deletion vulnerability. Contains limited logs and configuration files that allow attackers who have access to the network to the management web interface to delete certain files as “who” users (PAN-OS versions 11.2.4-H4, 11.1.6 -H1, 10.2.13-H3, and 10.1.14-H9) CVE-2025-0110 (CVSS score: 7.3) – Palo Alto Networks Command Injection Vulnerability PAN-OS OpenConFig plugin is a PAN-OS management web interface Make GNMI requests to enable authenticated administrators with the ability to bypass system restrictions and execute arbitrary commands (fixed plugin version 2.1.2 with PAN-OS OpenConfig)

To mitigate the risk poses by vulnerabilities, we strongly recommend disabling access to the management interface from the Internet or untrusted network. Customers who do not use OpenConFig can choose to disable or uninstall the plugin from the instance.

Did you find this article interesting? Follow us on Twitter and LinkedIn to read exclusive content you post.

Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleFinalDraft Malware Explore Microsoft Graph APIs for Windows and Linux Spy
Next Article New research highlights the benefits of natural flood management

Related Posts

Taylor Swift’s wedding guests wore monochrome gold, red and black

July 3, 2026

Karlie Kloss uses Tove’s Liquid Gold at Taylor Swift’s wedding

July 3, 2026

Taylor Swift’s wedding look in Sombre: Kyosuke Kunimoto suit

July 3, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

Taylor Swift and Travis Kelsey wed in New York

Taylor Swift & Travis Kelce’s Relationship: A Timeline

Taylor Swift’s wedding guests wore monochrome gold, red and black

Why is everyone so fascinated by Taylor Swift’s wedding?

Trending Posts

Taylor Swift and Travis Kelsey wed in New York

July 3, 2026

Taylor Swift & Travis Kelce’s Relationship: A Timeline

July 3, 2026

Taylor Swift’s wedding guests wore monochrome gold, red and black

July 3, 2026

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to The FYMOUS, a modern digital media platform dedicated to celebrities, artists, influencers, brands, entertainment culture, and the growing TwinH ecosystem.

We bring audiences closer to the people, stories, trends, and collaborations shaping today’s culture. From exclusive celebrity news and music releases to influencer highlights, brand partnerships, and TwinH activations, The FYMOUS delivers engaging content designed for the next generation of digital audiences.

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
© 2026 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.