About the Vulnerability

Introduction

PAN-OS is an operating system developed by Palo Alto Networks, designed to provide comprehensive security protection for enterprise networks. This operating system is highly scalable and flexible, capable of adapting to network environments of various sizes and types. PAN-OS integrates a variety of security features, including firewalls, intrusion detection and prevention, and virtual private networks, effectively safeguarding enterprise networks against a wide range of cyber threats. Additionally, PAN-OS offers an intuitive and user-friendly management interface along with robust analytical tools, enabling enterprise administrators to better manage and protect their networks.

Summary

On February 13, 2025, Sangfor FarSight Labs received notification of an authentication bypass vulnerability (CVE-2025-0108) in a Palo Alto Networks PAN-OS component, classified as high in threat level.

Palo Alto Networks PAN-OS contains an authentication bypass vulnerability. Unauthorized attackers can exploit this vulnerability to bypass the access checks on the management web interface and further execute arbitrary code via PHP scripts, leading to server compromise.

Affected Versions

PAN-OS 11.2 < 11.2.4-h4

PAN-OS 11.1 < 11.1.6-h1

PAN-OS 10.2 < 10.2.13-h3

PAN-OS 10.1 < 10.1.14-h9
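
The version list above can be turned into an inventory check. The following is an added example, not code from Sangfor or Palo Alto Networks; it assumes version strings of the form `MAJOR.MINOR.MAINT` with an optional `-hN` hotfix suffix, and the function names and sample hostnames are hypothetical.

```python
import re

# Fixed release per branch, from the list above: (major, minor) -> (maintenance, hotfix)
FIXED = {
    (11, 2): (4, 4),
    (11, 1): (6, 1),
    (10, 2): (13, 3),
    (10, 1): (14, 9),
}
# Assumed version shape: MAJOR.MINOR.MAINT with an optional -hN hotfix suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_version(text):
    """Return ((major, minor), (maintenance, hotfix)); hotfix is 0 when absent."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint = (int(m.group(i)) for i in (1, 2, 3))
    return (major, minor), (maint, int(m.group(4) or 0))

def classify(version):
    """Return 'affected', 'fixed' or 'not-listed' for one version string."""
    branch, release = parse_version(version)
    fixed = FIXED.get(branch)
    if fixed is None:
        return "not-listed"  # the advisory names only four branches; do not guess
    return "affected" if release < fixed else "fixed"

def triage(inventory):
    """Map each host to its status; unparseable versions are flagged for review."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = classify(version)
        except ValueError:
            report[host] = "unparseable"
    return report

if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    sample = {"fw-edge-01": "11.2.4-h3", "fw-edge-02": "11.2.4-h4",
              "fw-dc-01": "10.2.13", "fw-lab-01": "11.0.2", "fw-lab-02": "n/a"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Hosts reported as `not-listed` or `unparseable` need a manual check against the vendor advisory, since this page gives no status for other branches.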

Vulnerability Reproduction

This vulnerability has been reproduced by Sangfor FarSight Labs.

Solutions

Remediation Solutions

Official Solution

The vendor has officially released updated versions that fix the vulnerability. Affected users are recommended to update Palo Alto Networks PAN-OS to one of the following versions:

PAN-OS 11.2.4-h4

PAN-OS 11.1.6-h1

PAN-OS 10.2.13-h3

PAN-OS 10.1.14-h9

Download link:

https://security.paloaltonetworks.com/CVE-2025-0108

Sangfor Solutions

Vulnerability Proactive Detection

Proactive detection of the Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108) is supported, allowing quick batch identification of vulnerability risks in business scenarios. Related products are as follows:

[Sangfor Cyber Guardian MDR] is expected to release a detection scheme on February 17, 2025, with Rule ID: SF-0005-01002.

[Sangfor Omni-Command XDR] is expected to release a detection scheme on February 16, 2025, with Rule ID: SF-2025-01001.

Vulnerability Security Detection

Monitoring for the Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108) is supported. Based on traffic collection, it tracks the condition of affected assets in business scenarios in real time and quickly checks the scope of impact. Related products and services are as follows:

[Sangfor Cyber Command] is expected to release a monitoring scheme on February 21, 2025, with Rule ID: 11027454.

[Sangfor Cyber Guardian MDR] is expected to release a monitoring scheme on February 21, 2025 (requiring Cyber Command component capabilities), with Rule ID: 11027454.

[Sangfor Omni-Command XDR] is expected to release a monitoring scheme on February 21, 2025, with Rule ID: 11027454.

Security Protection

Defense against the Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108) is supported, blocking attackers' intrusion attempts targeting this vulnerability. Related products and services are as follows:

[Sangfor Network Secure] is expected to release a protection scheme on February 21, 2025, with Rule ID: 11027454.

[Sangfor WAF] is expected to release a protection scheme on February 21, 2025, with Rule ID: 11027454.

[Sangfor Cyber Guardian MDR] is expected to release a protection scheme (requiring Network Secure component capabilities) on February 21, 2025, with Rule ID: 11027454.

[Sangfor Omni-Command XDR] is expected to release a protection scheme (requiring Network Secure component capabilities) on February 21, 2025, with Rule ID: 11027454.

Timeline

On February 13, 2025, Sangfor FarSight Labs received notification of the Palo Alto Networks PAN-OS Authentication Bypass Vulnerability.

On February 13, 2025, Sangfor FarSight Labs released a vulnerability alert.

Reference

https://security.paloaltonetworks.com/CVE-2025-0108
