Critical Authentication Flaw in Palo Alto Networks’ PAN-OS Patched – Users Urged to Update

Critical Security Vulnerability Patched in Palo Alto Networks PAN-OS

Palo Alto Networks has released patches for a high-severity security vulnerability (CVE-2025-0108) in its PAN-OS software, which could enable authentication bypass. The flaw carries a CVSS score of 7.8, reducing to 5.1 when management interface access is restricted to a jump box.

The vulnerability allows unauthenticated attackers with network access to bypass authentication on the management web interface and execute certain PHP scripts. While this doesn’t permit remote code execution, it compromises PAN-OS integrity and confidentiality.

Affected Versions and Fixes:
– PAN-OS 11.2: Fixed in version 11.2.4-h4
– PAN-OS 11.1: Fixed in version 11.1.6-h1
– PAN-OS 11.0: Requires upgrade (End-of-life)
– PAN-OS 10.2: Fixed in version 10.2.13-h3
– PAN-OS 10.1: Fixed in version 10.1.14-h9

Security researcher Adam Kues identified that the flaw stems from inconsistent request handling between Nginx and Apache components, enabling directory traversal attacks.

Additional Patches:
– CVE-2025-0109 (CVSS 5.5): Fixes unauthorized file deletion vulnerability
– CVE-2025-0110 (CVSS 7.3): Addresses command injection vulnerability in OpenConfig plugin

Recommended Mitigations:
1. Disable management interface access from untrusted networks
2. Disable or uninstall OpenConfig plugin if unused
3. Update to the latest patched versions