CVE-2025-0109

MEDIUM

Palo Alto Networks PAN-OS - Unauthenticated File Deletion

Description

An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include system files. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.

Scores

CVSS v4 6.9
EPSS 0.0014
EPSS Percentile 33.1%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE CWE-73
Status published
Products (6)
Palo Alto Networks/Cloud NGFW All
Palo Alto Networks/PAN-OS 10.1.0 - 10.1.14-h9
Palo Alto Networks/PAN-OS 10.2.0 - 10.2.7-h24
Palo Alto Networks/PAN-OS 11.1.0 - 11.1.6-h1
Palo Alto Networks/PAN-OS 11.2.0 - 11.2.4-h4
Palo Alto Networks/Prisma Access All
Published Feb 12, 2025
Tracked Since Feb 18, 2026