Palo Alto Vulnerability Actively Exploited in the Wild


Urgent Security Alert: Exploitation of Authentication Bypass Flaw in Palo Alto Networks PAN-OS


Attackers are actively exploiting a critical authentication bypass vulnerability in Palo Alto Networks’ PAN-OS software that allows unauthorized users to circumvent authentication and invoke specific PHP scripts. Tracked as CVE-2025-0108, this zero-day flaw was disclosed on February 12 and is now of significant concern for cybersecurity professionals.

The Cybersecurity and Infrastructure Security Agency (CISA), alongside numerous security researchers, has reported a surge in attacks leveraging this vulnerability, which affects various PAN-OS versions including v11.2, v11.1, v10.2, and v10.1. Although patches have been released to remediate the issue, researchers from GreyNoise noted a sharp increase in malicious IP addresses targeting vulnerable systems, from just two on February 13 to 25 by February 18, underscoring the urgency of the situation.

This flaw enables attackers to access the management interface of PAN-OS firewall devices, potentially compromising system integrity and confidentiality. Although the PHP scripts invoked do not directly facilitate remote code execution, they can lead to further exploitation if other vulnerabilities are present. Industry experts have observed instances where CVE-2025-0108 was combined with two additional flaws.

Experts emphasize the importance of immediate action. "Organizations relying on PAN-OS firewalls should assume that unpatched devices are being targeted," cautioned Noah Stone of GreyNoise Intelligence. CISA’s addition of this vulnerability to its Known Exploited Vulnerabilities Catalog signals a critical call to action for affected organizations to implement available patches promptly.

To protect sensitive data and network integrity, organizations should not only apply the updates but also restrict access to the management interface, reducing their exposure to this actively exploited flaw.
