Primary

Context

Palo Alto Networks PAN-OS Command Injection Vulnerability in the Management Web Interface

Vulnerability

Patched

A command injection vulnerability exists in Palo Alto Networks PAN-OS, allowing an authenticated administrative user to execute actions as the root user. This vulnerability requires network access to the management web interface and successful authentication. It does not affect Cloud NGFW or Prisma Access.

Impact

Exploitation of this vulnerability allows for command injection, with the potential for privilege escalation to the root user.

Remediation

Users can upgrade to PAN-OS 11.0.3 or 10.2.8 or later. For PAN-OS 10.1, upgrade to 10.2.8 or 11.0.3 or later. Consult the Palo Alto Networks Customer Support Portal for guidance on securing management interface access.

Added: Jun 13, 2025, 12:17 AM

Updated: Jun 13, 2025, 12:17 AM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

4.4

remediation

8.3

relevance

0.2

threat

0.0

urgency

5.7

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

4.4

remediation

8.3

relevance

0.2

threat

0.0

urgency

5.7

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Palo Alto Networks PAN-OS Command Injection Vulnerability in the Management Web Interface

Vulnerability

Impact

Remediation

Affected Products

Palo Alto Networks PAN-OS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating