CVE-2025-4615
HIGH
Palo Alto Networks PAN-OS - Privilege Escalation
Title source: llm
Description
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma® Access are not affected by this vulnerability.
Exploits (1)
Scores
CVSS v3
7.2
EPSS
0.0005
EPSS Percentile
16.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-83
Status
published
Products (7)
Palo Alto Networks/Cloud NGFW
All
Palo Alto Networks/PAN-OS
10.2.0 - 10.2.17
Palo Alto Networks/PAN-OS
11.1.0 - 11.1.4-h27
Palo Alto Networks/PAN-OS
11.2.0 - 11.2.8
Palo Alto Networks/PAN-OS
12.1.0
Palo Alto Networks/Prisma Access
All
paloaltonetworks/pan-os
10.2.0 - 10.2.17
Published
Oct 09, 2025
Tracked Since
Feb 18, 2026