CVE-2025-0111

MEDIUM KEV

Palo Alto Networks PAN-OS - Info Disclosure

Description

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). This issue does not affect Cloud NGFW or Prisma Access software.

Scores

CVSS v3 6.5
EPSS 0.0366
EPSS Percentile 87.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2025-02-20
VulnCheck KEV 2025-02-18
ENISA EUVD EUVD-2025-1508
CWE CWE-610, CWE-73
Status published
Products (9)
paloaltonetworks/pan-os 10.1.14 (5 CPE variants)
paloaltonetworks/pan-os 10.2.7 (10 CPE variants)
paloaltonetworks/pan-os 10.2.8 (8 CPE variants)
paloaltonetworks/pan-os 10.2.9 (8 CPE variants)
paloaltonetworks/pan-os 10.2.12 (5 CPE variants)
paloaltonetworks/pan-os 10.2.13 (3 CPE variants)
paloaltonetworks/pan-os 11.1.6
paloaltonetworks/pan-os 11.2.4 (3 CPE variants)
paloaltonetworks/pan-os 10.1.0 - 10.1.14
Published Feb 12, 2025
KEV Added Feb 20, 2025
Tracked Since Feb 18, 2026