FKIE_CVE-2025-0111

Vulnerability from fkie_nvd - Published: 2025-02-12 21:15 - Updated: 2025-11-04 16:49
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.
References
psirt@paloaltonetworks.comhttps://security.paloaltonetworks.com/CVE-2025-0111Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0111US Government Resource
Impacted products
Vendor Product Version
paloaltonetworks pan-os *
paloaltonetworks pan-os *
paloaltonetworks pan-os *
paloaltonetworks pan-os *
paloaltonetworks pan-os *
paloaltonetworks pan-os 10.1.14
paloaltonetworks pan-os 10.1.14
paloaltonetworks pan-os 10.1.14
paloaltonetworks pan-os 10.1.14
paloaltonetworks pan-os 10.1.14
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.7
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.8
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.9
paloaltonetworks pan-os 10.2.12
paloaltonetworks pan-os 10.2.12
paloaltonetworks pan-os 10.2.12
paloaltonetworks pan-os 10.2.12
paloaltonetworks pan-os 10.2.12
paloaltonetworks pan-os 10.2.13
paloaltonetworks pan-os 10.2.13
paloaltonetworks pan-os 10.2.13
paloaltonetworks pan-os 11.1.6
paloaltonetworks pan-os 11.2.4
paloaltonetworks pan-os 11.2.4
paloaltonetworks pan-os 11.2.4
To clipboard 

{
  "cisaActionDue": "2025-03-13",
  "cisaExploitAdd": "2025-02-20",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Palo Alto Networks PAN-OS File Read Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D52DC1-4441-4C88-B209-9B86FCC2162F",
              "versionEndExcluding": "10.1.14",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "243077CD-5021-4DF3-8AC7-5B14F7FD9710",
              "versionEndExcluding": "10.2.7",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9BD5E2D-61D2-4872-ACD1-D5B442CC809D",
              "versionEndExcluding": "10.2.12",
              "versionStartIncluding": "10.2.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "855047CA-ABFA-4F3D-AF98-245D14B75798",
              "versionEndExcluding": "11.1.6",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4D3A51-0A40-4B19-AAFC-A2484B1CF5D7",
              "versionEndExcluding": "11.2.4",
              "versionStartIncluding": "11.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*",
              "matchCriteriaId": "B41A7115-A370-49E1-B162-24803E6DD2CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*",
              "matchCriteriaId": "65949A49-03A7-491C-B327-127F050AC4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*",
              "matchCriteriaId": "E8ACB147-B4C1-4964-B538-EAA117CC6DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*",
              "matchCriteriaId": "6643574D-C024-440C-9392-004B7FA4498F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*",
              "matchCriteriaId": "7422F37D-7ABA-4BEC-8448-45A8F585D6F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
              "matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
              "matchCriteriaId": "AA4994CB-6591-4B44-A5D7-3CDF540B97DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
              "matchCriteriaId": "A6AB7874-FE24-42AC-8E3A-822A70722126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*",
              "matchCriteriaId": "34B083B9-CC1B-43CD-9A16-C018F7FA2DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*",
              "matchCriteriaId": "0D88CC33-7E32-4E82-8A94-70759E910510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*",
              "matchCriteriaId": "FA91A4E9-CE1E-4CB8-B717-4B0E314C0171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
              "matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
              "matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
              "matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "5D64390F-F870-4DBF-B0FE-BCDFE58C8685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
              "matchCriteriaId": "F70FC9DF-10C9-4AE5-B64B-3153E2E4E9E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
              "matchCriteriaId": "C3D6D552-6F33-496A-A505-5F59DF3B487B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*",
              "matchCriteriaId": "D1ECD1DC-5A05-4E4F-97F5-136CE777FAB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*",
              "matchCriteriaId": "347E5938-24FF-4C2C-B823-988D34706E24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*",
              "matchCriteriaId": "C889402F-138A-45B9-BBCF-91FD18A0B810",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
              "matchCriteriaId": "CBA2B4FA-16C2-41B9-856D-EDC0CAF7A164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
              "matchCriteriaId": "E5E6A893-2994-40A3-AF35-8AF068B0DE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
              "matchCriteriaId": "D814F3A3-5E9D-426D-A654-1346D9ECE9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
              "matchCriteriaId": "8C7E9211-7041-4720-B4B9-3EA95D425263",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
              "matchCriteriaId": "CEB258EE-2C6E-4A63-B04C-89C5F76B0878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
              "matchCriteriaId": "0F481B0E-2353-4AB0-8A98-B0EFBC409868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*",
              "matchCriteriaId": "3F7FC771-527F-4619-B785-6AE1F4722074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*",
              "matchCriteriaId": "CCC2A6DA-EB48-42CD-9234-A80C3F6AEFAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*",
              "matchCriteriaId": "046874F8-7DA7-4E2A-99BF-509424E6CCBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EB9C6-78BA-4C66-A4BD-856BF27388CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*",
              "matchCriteriaId": "3D33A0FB-7538-42BF-84E8-7CCD7EEF9355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*",
              "matchCriteriaId": "FB95D77F-1263-4D47-A0BB-94A6DA937115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*",
              "matchCriteriaId": "8EA4C2A7-18CD-4232-B08C-99BEFE497A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*",
              "matchCriteriaId": "357B747E-F960-4AA9-8696-B3BD89933630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*",
              "matchCriteriaId": "1FDB3D90-6656-49C5-9852-1F987BAEF0F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*",
              "matchCriteriaId": "C2B871A6-0636-42A0-9573-6F693D7753AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*",
              "matchCriteriaId": "F1FC63B8-B8D9-4EC1-85CA-2E12B38ACD3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*",
              "matchCriteriaId": "60CE628F-C4CB-4342-8D71-DE61A089B612",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "52C50A07-F4D8-4F1F-BA61-3429BB1721BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "C01AD190-F3C2-4349-A063-8C5C78B725B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*",
              "matchCriteriaId": "30F4CD1C-6862-4279-8D2D-40B4D164222F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*",
              "matchCriteriaId": "A52B7A7A-483A-4075-B1E9-5C14B66F7FC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the \u201cnobody\u201d user.\n\nYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\n\n\nThis issue does not affect Cloud NGFW or Prisma Access software."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de lectura de archivos autenticados en el software PAN-OS de Palo Alto Networks permite que un atacante autenticado con acceso de red a la interfaz web de administraci\u00f3n lea archivos en el sistema de archivos PAN-OS que son legibles por el usuario \u201cnobody\u201d. Puede reducir en gran medida el riesgo de este problema al restringir el acceso a la interfaz web de administraci\u00f3n solo a direcciones IP internas de confianza de acuerdo con nuestras pautas de implementaci\u00f3n de mejores pr\u00e1cticas recomendadas https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431. Este problema no afecta al software Cloud NGFW ni a Prisma Access."
    }
  ],
  "id": "CVE-2025-0111",
  "lastModified": "2025-11-04T16:49:34.380",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "RED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Red",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-02-12T21:15:16.793",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2025-0111"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0111"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-73"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-610"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.