CVE-2025-0111 - Palo Alto Networks PAN-OS File Read Vulnerability

Palo Alto Networks | PAN-OS

• Date Added:
• 2025-02-20

• Due Date:
• 2025-03-13

Vulnerability Name

Palo Alto Networks PAN-OS File Read Vulnerability

Description

Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://security.paloaltonetworks.com/CVE-2025-0111 ; https://nvd.nist.gov/vuln/detail/CVE-2025-0111

Top Security News

Content Credentials Technology Verifies Image, Video Authenticity

New NailaoLocker ransomware used against EU healthcare orgs

Windows Server 2025 released—here are the new features

Chinese hackers abuse Microsoft APP-v tool to evade antivirus

Microsoft: Hackers steal emails in device code phishing attacks

PirateFi game on Steam caught installing password-stealing malware

Sniffnet: Free, open-source network monitoring

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

Top Alert List

Content Security Policy (CSP) Header Not Set

CSP

MediumMissing Anti-clickjacking Header

MediumAbsence of Anti-CSRF Tokens

InformationalInformation Disclosure - Suspicious Comments

MediumContent Security Policy (CSP) Header Not Set

LowCross-Domain JavaScript Source File Inclusion

InformationalModern Web Application

HighPII Disclosure

InformationalRe-examine Cache-control Directives

Top CVE List

CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability

CVE-2025-0108 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

CVE-2017-3881 Cisco IOS and IOS XE Remote Code Execution Vulnerability

CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability

CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability

CVE-2024-43572 Microsoft Windows Management Console Remote Code Execution Vulnerability

CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability

CVE-2025-21418 Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability

CVE-2017-6736 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability

Top CWE List

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-693 Protection Mechanism Failure

CWE-201 Insertion of Sensitive Information Into Sent Data

CWE-1021 Improper Restriction of Rendered UI Layers or Frames

CWE-581 Object Model Violation: Just One of Equals and Hashcode Defined

CWE-1426 Improper Validation of Generative AI Output

HighCWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-284 Improper Access Control

MediumCWE-352 Cross-Site Request Forgery (CSRF)

CWE-359 Exposure of Private Personal Information to an Unauthorized Actor