Palo Alto security patches: Firewalls with PAN-OS are vulnerable
The IT security company Palo Alto Networks closes several gaps in PAN-OS and Prisma Access Browser, among others.
Attackers can attack firewalls from Palo Alto Networks. Attacks on Cortex XDR Broker, GlobalProtect, MetaDefender Endpoint Security SDK and Prisma Access Browser are also conceivable.
Various starting points for attackers
As can be seen from the security section of the Palo Alto website, most of the vulnerabilities affect the PAN-OS firewall operating system. It is misleading that Palo Alto indicates the severity of the vulnerabilities here with a CVSS-BT score of 4.0. However, the base score (CVSS-B) is decisive for classifying the risk posed by vulnerabilities. As a result, many vulnerabilities are displayed in the overview with a threat level of "medium", while "high" applies to CVSS-B.
Attackers can, for example, use a PAN-OS vulnerability (CVE-2025-0130 "high") for DoS attacks without authentication using crafted packets. Various versions of PAN-OS 11 are affected; PAN-OS 10 is not vulnerable in this context. Support for PAN-OS 11.0 has expired and there are no more security updates for it, so an upgrade is due here. Versions 11.1.6-h1, 11.1.7-h2, 11.1.8 and 11.2.5 are protected.
The GlobalProtect security solution is vulnerable to several attacks. For example, a locally authenticated attacker can gain system rights (CVE-2025-0132 "high"). The developers state that they have solved the security problem in versions 6.2.8 and 6.3.3.
Several vulnerabilities threaten Prisma Access Browser; the overall rating is "critical". Attackers can trigger memory errors at these points. This often allows malicious code to reach computers. Versions 135.16.8.96 and 136.11.9.93 are protected against this.
Palo Alto explains that they currently have no evidence of attacks. It remains unclear how admins can recognize instances that have already been attacked.
(des)