Palo Alto Networks

A newly disclosed command injection vulnerability in Palo Alto Networks’ PAN-OS operating system poses significant security risks to enterprise firewall infrastructures worldwide. The vulnerability, catalogued as CVE-2025-4230, enables authenticated administrators with command-line interface (CLI) access to execute arbitrary commands with root-level privileges, potentially compromising entire network security architectures. The root cause is insufficient input validation within the PAN-OS CLI, which lets such a user bypass system restrictions and run unauthorized commands with elevated privileges.

Source: https://cybersecuritynews.com/pan-os-admin-command-injection-vulnerability/

TPRM report: https://scoringcyber.rankiteo.com/company/palo-alto-networks

"id": "pal304061225",
"linkid": "palo-alto-networks",
"type": "Vulnerability",
"date": "6/2025",
"severity": "25",
"impact": "",
"explanation": "Attack without any consequences: Attack in which data is not compromised"
{'affected_entities': [{'industry': 'Network Security',
                        'name': 'Palo Alto Networks',
                        'type': 'Enterprise'}],
 'attack_vector': 'Authenticated administrator with CLI access',
 'date_publicly_disclosed': '2025-06-11',
 'description': 'A newly disclosed command injection vulnerability in Palo '
                'Alto Networks’ PAN-OS operating system poses significant '
                'security risks to enterprise firewall infrastructures '
                'worldwide.',
 'impact': {'systems_affected': 'PAN-OS 11.2 versions prior to 11.2.6, PAN-OS '
                                '11.1 versions before 11.1.10, PAN-OS 10.2 '
                                'versions earlier than 10.2.14, and PAN-OS '
                                '10.1 versions before 10.1.14-h15'},
 'initial_access_broker': {'entry_point': 'CLI access'},
 'post_incident_analysis': {'corrective_actions': 'Patching and restricting '
                                                  'administrative access',
                            'root_causes': 'Insufficient input validation '
                                           'within the PAN-OS CLI interface'},
 'recommendations': 'Implement additional access controls limiting CLI access '
                    'to essential personnel only.',
 'response': {'remediation_measures': 'Upgrade to PAN-OS 11.2.6, 11.1.10, '
                                      '10.2.14, or 10.1.14-h15'},
 'title': 'PAN-OS Admin Command Injection Vulnerability',
 'type': 'Command Injection',
 'vulnerability_exploited': 'CVE-2025-4230'}