Palo Alto Networks recently patched several vulnerabilities in PAN-OS that are now being actively exploited. The vulnerabilities include CVE-2024-9474, a privilege escalation issue rated 6.9, and CVE-2025-0108, an authentication bypass rated 8.8. Attackers can chain these vulnerabilities with CVE-2025-0111 to escalate privileges and achieve root access. This poses serious risks for compromised systems. Users are urged to update their PAN-OS systems promptly to mitigate these risks, although the company has stated that its Cloud NGFW and Prisma Access services are unaffected.
A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems.
Palo Alto (PAN) last week fixed that problem, CVE-2025-0108, and rated it a highest-urgency patch, as the 8.8/10 flaw is an access control issue in PAN-OS's web management interface.