cvelistv5 - cve-2025-0114

CVE-2025-0114 (GCVE-0-2025-0114)

Vulnerability from cvelistv5

Published

2025-03-12 18:20

Modified

2025-03-12 18:34

Severity ?

8.2 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway. This issue does not apply to Cloud NGFWs or Prisma Access software.

References

►

URL

Tags

psirt@paloaltonetworks.com

https://security.paloaltonetworks.com/CVE-2025-0114

Impacted products

Vendor

Product

Version

►

Palo Alto Networks

PAN-OS

Patch: 11.2.0
Patch: 11.1.0
Version: 11.0.0   < 11.0.2
Version: 10.2.0   < 10.2.5
Version: 10.1.0   < 10.1.14-h11
    cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*

	Palo Alto Networks	Cloud NGFW	Patch: All
	Palo Alto Networks	Prisma Access	Patch: All

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0114",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-12T18:34:02.023259Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-12T18:34:48.122Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.2",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.14-h11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.14-h11",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (\u003cb\u003eNetwork\u003c/b\u003e \u0026gt; \u003cb\u003eGlobalProtect\u003c/b\u003e \u0026gt; \u003cb\u003ePortals\u003c/b\u003e and \u003cb\u003eNetwork\u003c/b\u003e \u0026gt; \u003cb\u003eGlobalProtect\u003c/b\u003e \u0026gt; \u003cb\u003eGateways\u003c/b\u003e)."
            }
          ],
          "value": "This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network \u003e GlobalProtect \u003e Portals and Network \u003e GlobalProtect \u003e Gateways)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "an external reporter"
        }
      ],
      "datePublic": "2025-03-12T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\u003cbr\u003e\u003cbr\u003eThis issue does not apply to Cloud NGFWs or Prisma Access software."
            }
          ],
          "value": "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-125",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-125 Flooding"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-12T18:20:05.608Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2025-0114"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.0\u003c/td\u003e\u003ctd\u003e11.0.0 through 11.0.1\u003c/td\u003e\u003ctd\u003eUpgrade to 11.0.2 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.4\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.5 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.1.0 through 10.1.14\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.1.14-h11 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version\nMinor Version\nSuggested Solution\nPAN-OS 11.011.0.0 through 11.0.1Upgrade to 11.0.2 or laterPAN-OS 10.210.2.0 through 10.2.4\nUpgrade to 10.2.5 or laterPAN-OS 10.1\n10.1.0 through 10.1.14\nUpgrade to 10.1.14-h11 or later\nAll other older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version."
        }
      ],
      "source": {
        "defect": [
          "PAN-209208"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-03-12T16:00:00.000Z",
          "value": "Initial Publication"
        }
      ],
      "title": "PAN-OS: Denial of Service (DoS) in GlobalProtect",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No workaround or mitigation is available."
            }
          ],
          "value": "No workaround or mitigation is available."
        }
      ],
      "x_affectedList": [
        "PAN-OS 11.0.1-h5",
        "PAN-OS 11.0.1-h4",
        "PAN-OS 11.0.1-h3",
        "PAN-OS 11.0.1-h2",
        "PAN-OS 11.0.1-h1",
        "PAN-OS 11.0.1",
        "PAN-OS 11.0.0-h4",
        "PAN-OS 11.0.0-h3",
        "PAN-OS 11.0.0-h2",
        "PAN-OS 11.0.0-h1",
        "PAN-OS 11.0.0",
        "PAN-OS 10.2.4-h32",
        "PAN-OS 10.2.4-h31",
        "PAN-OS 10.2.4-h30",
        "PAN-OS 10.2.4-h29",
        "PAN-OS 10.2.4-h28",
        "PAN-OS 10.2.4-h27",
        "PAN-OS 10.2.4-h26",
        "PAN-OS 10.2.4-h25",
        "PAN-OS 10.2.4-h24",
        "PAN-OS 10.2.4-h23",
        "PAN-OS 10.2.4-h22",
        "PAN-OS 10.2.4-h21",
        "PAN-OS 10.2.4-h20",
        "PAN-OS 10.2.4-h19",
        "PAN-OS 10.2.4-h18",
        "PAN-OS 10.2.4-h17",
        "PAN-OS 10.2.4-h16",
        "PAN-OS 10.2.4-h15",
        "PAN-OS 10.2.4-h14",
        "PAN-OS 10.2.4-h13",
        "PAN-OS 10.2.4-h12",
        "PAN-OS 10.2.4-h11",
        "PAN-OS 10.2.4-h10",
        "PAN-OS 10.2.4-h9",
        "PAN-OS 10.2.4-h8",
        "PAN-OS 10.2.4-h7",
        "PAN-OS 10.2.4-h6",
        "PAN-OS 10.2.4-h5",
        "PAN-OS 10.2.4-h4",
        "PAN-OS 10.2.4-h3",
        "PAN-OS 10.2.4-h2",
        "PAN-OS 10.2.4-h1",
        "PAN-OS 10.2.4",
        "PAN-OS 10.2.3-h14",
        "PAN-OS 10.2.3-h13",
        "PAN-OS 10.2.3-h12",
        "PAN-OS 10.2.3-h11",
        "PAN-OS 10.2.3-h10",
        "PAN-OS 10.2.3-h9",
        "PAN-OS 10.2.3-h8",
        "PAN-OS 10.2.3-h7",
        "PAN-OS 10.2.3-h6",
        "PAN-OS 10.2.3-h5",
        "PAN-OS 10.2.3-h4",
        "PAN-OS 10.2.3-h3",
        "PAN-OS 10.2.3-h2",
        "PAN-OS 10.2.3-h1",
        "PAN-OS 10.2.3",
        "PAN-OS 10.2.2-h6",
        "PAN-OS 10.2.2-h5",
        "PAN-OS 10.2.2-h4",
        "PAN-OS 10.2.2-h3",
        "PAN-OS 10.2.2-h2",
        "PAN-OS 10.2.2-h1",
        "PAN-OS 10.2.2",
        "PAN-OS 10.2.1-h3",
        "PAN-OS 10.2.1-h2",
        "PAN-OS 10.2.1-h1",
        "PAN-OS 10.2.1",
        "PAN-OS 10.2.0-h4",
        "PAN-OS 10.2.0-h3",
        "PAN-OS 10.2.0-h2",
        "PAN-OS 10.2.0-h1",
        "PAN-OS 10.2.0",
        "PAN-OS 10.1.14-h10",
        "PAN-OS 10.1.14-h9",
        "PAN-OS 10.1.14-h8",
        "PAN-OS 10.1.14-h7",
        "PAN-OS 10.1.14-h6",
        "PAN-OS 10.1.14-h5",
        "PAN-OS 10.1.14-h4",
        "PAN-OS 10.1.14-h3",
        "PAN-OS 10.1.14-h2",
        "PAN-OS 10.1.14-h1",
        "PAN-OS 10.1.14",
        "PAN-OS 10.1.13-h5",
        "PAN-OS 10.1.13-h4",
        "PAN-OS 10.1.13-h3",
        "PAN-OS 10.1.13-h2",
        "PAN-OS 10.1.13-h1",
        "PAN-OS 10.1.13",
        "PAN-OS 10.1.12-h3",
        "PAN-OS 10.1.12-h2",
        "PAN-OS 10.1.12-h1",
        "PAN-OS 10.1.12",
        "PAN-OS 10.1.11-h10",
        "PAN-OS 10.1.11-h9",
        "PAN-OS 10.1.11-h8",
        "PAN-OS 10.1.11-h7",
        "PAN-OS 10.1.11-h6",
        "PAN-OS 10.1.11-h5",
        "PAN-OS 10.1.11-h4",
        "PAN-OS 10.1.11-h3",
        "PAN-OS 10.1.11-h2",
        "PAN-OS 10.1.11-h1",
        "PAN-OS 10.1.11",
        "PAN-OS 10.1.10-h9",
        "PAN-OS 10.1.10-h8",
        "PAN-OS 10.1.10-h7",
        "PAN-OS 10.1.10-h6",
        "PAN-OS 10.1.10-h5",
        "PAN-OS 10.1.10-h4",
        "PAN-OS 10.1.10-h3",
        "PAN-OS 10.1.10-h2",
        "PAN-OS 10.1.10-h1",
        "PAN-OS 10.1.10",
        "PAN-OS 10.1.9-h14",
        "PAN-OS 10.1.9-h13",
        "PAN-OS 10.1.9-h12",
        "PAN-OS 10.1.9-h11",
        "PAN-OS 10.1.9-h10",
        "PAN-OS 10.1.9-h9",
        "PAN-OS 10.1.9-h8",
        "PAN-OS 10.1.9-h7",
        "PAN-OS 10.1.9-h6",
        "PAN-OS 10.1.9-h5",
        "PAN-OS 10.1.9-h4",
        "PAN-OS 10.1.9-h3",
        "PAN-OS 10.1.9-h2",
        "PAN-OS 10.1.9-h1",
        "PAN-OS 10.1.9",
        "PAN-OS 10.1.8-h8",
        "PAN-OS 10.1.8-h7",
        "PAN-OS 10.1.8-h6",
        "PAN-OS 10.1.8-h5",
        "PAN-OS 10.1.8-h4",
        "PAN-OS 10.1.8-h3",
        "PAN-OS 10.1.8-h2",
        "PAN-OS 10.1.8-h1",
        "PAN-OS 10.1.8",
        "PAN-OS 10.1.7-h1",
        "PAN-OS 10.1.7",
        "PAN-OS 10.1.6-h9",
        "PAN-OS 10.1.6-h8",
        "PAN-OS 10.1.6-h7",
        "PAN-OS 10.1.6-h6",
        "PAN-OS 10.1.6-h5",
        "PAN-OS 10.1.6-h4",
        "PAN-OS 10.1.6-h3",
        "PAN-OS 10.1.6-h2",
        "PAN-OS 10.1.6-h1",
        "PAN-OS 10.1.6",
        "PAN-OS 10.1.5-h4",
        "PAN-OS 10.1.5-h3",
        "PAN-OS 10.1.5-h2",
        "PAN-OS 10.1.5-h1",
        "PAN-OS 10.1.5",
        "PAN-OS 10.1.4-h6",
        "PAN-OS 10.1.4-h5",
        "PAN-OS 10.1.4-h4",
        "PAN-OS 10.1.4-h3",
        "PAN-OS 10.1.4-h2",
        "PAN-OS 10.1.4-h1",
        "PAN-OS 10.1.4",
        "PAN-OS 10.1.3-h4",
        "PAN-OS 10.1.3-h3",
        "PAN-OS 10.1.3-h2",
        "PAN-OS 10.1.3-h1",
        "PAN-OS 10.1.3",
        "PAN-OS 10.1.2",
        "PAN-OS 10.1.1",
        "PAN-OS 10.1.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2025-0114",
    "datePublished": "2025-03-12T18:20:05.608Z",
    "dateReserved": "2024-12-20T23:23:15.900Z",
    "dateUpdated": "2025-03-12T18:34:48.122Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-0114\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2025-03-12T19:15:37.363\",\"lastModified\":\"2025-03-12T19:15:37.363\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\\n\\nThis issue does not apply to Cloud NGFWs or Prisma Access software.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en la funci\u00f3n GlobalProtect del software PAN-OS de Palo Alto Networks permite que un atacante no autenticado inhabilite el servicio mediante el env\u00edo de una gran cantidad de paquetes especialmente manipulados durante un per\u00edodo de tiempo. Este problema afecta tanto al portal como a la puerta de enlace de GlobalProtect. No se aplica a los NGFW en la nube ni al software Prisma Access.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:X/U:Amber\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"AMBER\"}}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2025-0114\",\"source\":\"psirt@paloaltonetworks.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0114\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-12T18:34:02.023259Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-12T18:34:35.659Z\"}}], \"cna\": {\"title\": \"PAN-OS: Denial of Service (DoS) in GlobalProtect\", \"source\": {\"defect\": [\"PAN-209208\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"an external reporter\"}], \"impacts\": [{\"capecId\": \"CAPEC-125\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-125 Flooding\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 8.2, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"11.2.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"11.1.0\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.0.2\", \"status\": \"unaffected\"}], \"version\": \"11.0.0\", \"lessThan\": \"11.0.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.5\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.1.14-h11\", \"status\": \"unaffected\"}], \"version\": \"10.1.0\", \"lessThan\": \"10.1.14-h11\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Cloud NGFW\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Prisma Access\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-03-12T16:00:00.000Z\", \"value\": \"Initial Publication\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"Version\\nMinor Version\\nSuggested Solution\\nPAN-OS 11.011.0.0 through 11.0.1Upgrade to 11.0.2 or laterPAN-OS 10.210.2.0 through 10.2.4\\nUpgrade to 10.2.5 or laterPAN-OS 10.1\\n10.1.0 through 10.1.14\\nUpgrade to 10.1.14-h11 or later\\nAll other older\\nunsupported\\nPAN-OS versions\\u00a0Upgrade to a supported fixed version.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003ctable class=\\\"tbl\\\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.0\u003c/td\u003e\u003ctd\u003e11.0.0 through 11.0.1\u003c/td\u003e\u003ctd\u003eUpgrade to 11.0.2 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.4\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.5 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.1.0 through 10.1.14\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.1.14-h11 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older\u003cbr\u003eunsupported\u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\", \"base64\": false}]}], \"datePublic\": \"2025-03-12T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2025-0114\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"No workaround or mitigation is available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"No workaround or mitigation is available.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\\n\\nThis issue does not apply to Cloud NGFWs or Prisma Access software.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\u003cbr\u003e\u003cbr\u003eThis issue does not apply to Cloud NGFWs or Prisma Access software.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network \u003e GlobalProtect \u003e Portals and Network \u003e GlobalProtect \u003e Gateways).\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (\u003cb\u003eNetwork\u003c/b\u003e \u0026gt; \u003cb\u003eGlobalProtect\u003c/b\u003e \u0026gt; \u003cb\u003ePortals\u003c/b\u003e and \u003cb\u003eNetwork\u003c/b\u003e \u0026gt; \u003cb\u003eGlobalProtect\u003c/b\u003e \u0026gt; \u003cb\u003eGateways\u003c/b\u003e).\", \"base64\": false}]}], \"x_affectedList\": [\"PAN-OS 11.0.1-h5\", \"PAN-OS 11.0.1-h4\", \"PAN-OS 11.0.1-h3\", \"PAN-OS 11.0.1-h2\", \"PAN-OS 11.0.1-h1\", \"PAN-OS 11.0.1\", \"PAN-OS 11.0.0-h4\", \"PAN-OS 11.0.0-h3\", \"PAN-OS 11.0.0-h2\", \"PAN-OS 11.0.0-h1\", \"PAN-OS 11.0.0\", \"PAN-OS 10.2.4-h32\", \"PAN-OS 10.2.4-h31\", \"PAN-OS 10.2.4-h30\", \"PAN-OS 10.2.4-h29\", \"PAN-OS 10.2.4-h28\", \"PAN-OS 10.2.4-h27\", \"PAN-OS 10.2.4-h26\", \"PAN-OS 10.2.4-h25\", \"PAN-OS 10.2.4-h24\", \"PAN-OS 10.2.4-h23\", \"PAN-OS 10.2.4-h22\", \"PAN-OS 10.2.4-h21\", \"PAN-OS 10.2.4-h20\", \"PAN-OS 10.2.4-h19\", \"PAN-OS 10.2.4-h18\", \"PAN-OS 10.2.4-h17\", \"PAN-OS 10.2.4-h16\", \"PAN-OS 10.2.4-h15\", \"PAN-OS 10.2.4-h14\", \"PAN-OS 10.2.4-h13\", \"PAN-OS 10.2.4-h12\", \"PAN-OS 10.2.4-h11\", \"PAN-OS 10.2.4-h10\", \"PAN-OS 10.2.4-h9\", \"PAN-OS 10.2.4-h8\", \"PAN-OS 10.2.4-h7\", \"PAN-OS 10.2.4-h6\", \"PAN-OS 10.2.4-h5\", \"PAN-OS 10.2.4-h4\", \"PAN-OS 10.2.4-h3\", \"PAN-OS 10.2.4-h2\", \"PAN-OS 10.2.4-h1\", \"PAN-OS 10.2.4\", \"PAN-OS 10.2.3-h14\", \"PAN-OS 10.2.3-h13\", \"PAN-OS 10.2.3-h12\", \"PAN-OS 10.2.3-h11\", \"PAN-OS 10.2.3-h10\", \"PAN-OS 10.2.3-h9\", \"PAN-OS 10.2.3-h8\", \"PAN-OS 10.2.3-h7\", \"PAN-OS 10.2.3-h6\", \"PAN-OS 10.2.3-h5\", \"PAN-OS 10.2.3-h4\", \"PAN-OS 10.2.3-h3\", \"PAN-OS 10.2.3-h2\", \"PAN-OS 10.2.3-h1\", \"PAN-OS 10.2.3\", \"PAN-OS 10.2.2-h6\", \"PAN-OS 10.2.2-h5\", \"PAN-OS 10.2.2-h4\", \"PAN-OS 10.2.2-h3\", \"PAN-OS 10.2.2-h2\", \"PAN-OS 10.2.2-h1\", \"PAN-OS 10.2.2\", \"PAN-OS 10.2.1-h3\", \"PAN-OS 10.2.1-h2\", \"PAN-OS 10.2.1-h1\", \"PAN-OS 10.2.1\", \"PAN-OS 10.2.0-h4\", \"PAN-OS 10.2.0-h3\", \"PAN-OS 10.2.0-h2\", \"PAN-OS 10.2.0-h1\", \"PAN-OS 10.2.0\", \"PAN-OS 10.1.14-h10\", \"PAN-OS 10.1.14-h9\", \"PAN-OS 10.1.14-h8\", \"PAN-OS 10.1.14-h7\", \"PAN-OS 10.1.14-h6\", \"PAN-OS 10.1.14-h5\", \"PAN-OS 10.1.14-h4\", \"PAN-OS 10.1.14-h3\", \"PAN-OS 10.1.14-h2\", \"PAN-OS 10.1.14-h1\", \"PAN-OS 10.1.14\", \"PAN-OS 10.1.13-h5\", \"PAN-OS 10.1.13-h4\", \"PAN-OS 10.1.13-h3\", \"PAN-OS 10.1.13-h2\", \"PAN-OS 10.1.13-h1\", \"PAN-OS 10.1.13\", \"PAN-OS 10.1.12-h3\", \"PAN-OS 10.1.12-h2\", \"PAN-OS 10.1.12-h1\", \"PAN-OS 10.1.12\", \"PAN-OS 10.1.11-h10\", \"PAN-OS 10.1.11-h9\", \"PAN-OS 10.1.11-h8\", \"PAN-OS 10.1.11-h7\", \"PAN-OS 10.1.11-h6\", \"PAN-OS 10.1.11-h5\", \"PAN-OS 10.1.11-h4\", \"PAN-OS 10.1.11-h3\", \"PAN-OS 10.1.11-h2\", \"PAN-OS 10.1.11-h1\", \"PAN-OS 10.1.11\", \"PAN-OS 10.1.10-h9\", \"PAN-OS 10.1.10-h8\", \"PAN-OS 10.1.10-h7\", \"PAN-OS 10.1.10-h6\", \"PAN-OS 10.1.10-h5\", \"PAN-OS 10.1.10-h4\", \"PAN-OS 10.1.10-h3\", \"PAN-OS 10.1.10-h2\", \"PAN-OS 10.1.10-h1\", \"PAN-OS 10.1.10\", \"PAN-OS 10.1.9-h14\", \"PAN-OS 10.1.9-h13\", \"PAN-OS 10.1.9-h12\", \"PAN-OS 10.1.9-h11\", \"PAN-OS 10.1.9-h10\", \"PAN-OS 10.1.9-h9\", \"PAN-OS 10.1.9-h8\", \"PAN-OS 10.1.9-h7\", \"PAN-OS 10.1.9-h6\", \"PAN-OS 10.1.9-h5\", \"PAN-OS 10.1.9-h4\", \"PAN-OS 10.1.9-h3\", \"PAN-OS 10.1.9-h2\", \"PAN-OS 10.1.9-h1\", \"PAN-OS 10.1.9\", \"PAN-OS 10.1.8-h8\", \"PAN-OS 10.1.8-h7\", \"PAN-OS 10.1.8-h6\", \"PAN-OS 10.1.8-h5\", \"PAN-OS 10.1.8-h4\", \"PAN-OS 10.1.8-h3\", \"PAN-OS 10.1.8-h2\", \"PAN-OS 10.1.8-h1\", \"PAN-OS 10.1.8\", \"PAN-OS 10.1.7-h1\", \"PAN-OS 10.1.7\", \"PAN-OS 10.1.6-h9\", \"PAN-OS 10.1.6-h8\", \"PAN-OS 10.1.6-h7\", \"PAN-OS 10.1.6-h6\", \"PAN-OS 10.1.6-h5\", \"PAN-OS 10.1.6-h4\", \"PAN-OS 10.1.6-h3\", \"PAN-OS 10.1.6-h2\", \"PAN-OS 10.1.6-h1\", \"PAN-OS 10.1.6\", \"PAN-OS 10.1.5-h4\", \"PAN-OS 10.1.5-h3\", \"PAN-OS 10.1.5-h2\", \"PAN-OS 10.1.5-h1\", \"PAN-OS 10.1.5\", \"PAN-OS 10.1.4-h6\", \"PAN-OS 10.1.4-h5\", \"PAN-OS 10.1.4-h4\", \"PAN-OS 10.1.4-h3\", \"PAN-OS 10.1.4-h2\", \"PAN-OS 10.1.4-h1\", \"PAN-OS 10.1.4\", \"PAN-OS 10.1.3-h4\", \"PAN-OS 10.1.3-h3\", \"PAN-OS 10.1.3-h2\", \"PAN-OS 10.1.3-h1\", \"PAN-OS 10.1.3\", \"PAN-OS 10.1.2\", \"PAN-OS 10.1.1\", \"PAN-OS 10.1.0\"], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2025-03-12T18:20:05.608Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-0114\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-12T18:34:48.122Z\", \"dateReserved\": \"2024-12-20T23:23:15.900Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2025-03-12T18:20:05.608Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

wid-sec-w-2025-0547

Vulnerability from csaf_certbund

Published

2025-03-12 23:00

Modified

2025-03-12 23:00

Summary

PaloAlto Networks PAN-OS: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.

Betroffene Betriebssysteme

- Appliance - Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Appliance\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0547 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0547.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0547 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0547"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2025-03-12",
        "url": "https://security.paloaltonetworks.com/CVE-2025-0115"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2025-03-12",
        "url": "https://security.paloaltonetworks.com/CVE-2025-0116"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2025-03-12",
        "url": "https://security.paloaltonetworks.com/CVE-2025-0114"
      }
    ],
    "source_lang": "en-US",
    "title": "PaloAlto Networks PAN-OS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-03-12T23:00:00.000+00:00",
      "generator": {
        "date": "2025-03-13T11:19:15.304+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0547",
      "initial_release_date": "2025-03-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-03-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.2",
                  "product_id": "T041857"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.2",
                  "product_id": "T041857-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.5",
                  "product_id": "T041858"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.5",
                  "product_id": "T041858-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.14-h11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.14-h11",
                  "product_id": "T041859"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.14-h11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.14-h11",
                  "product_id": "T041859-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.14-h11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.3",
                  "product_id": "T041860"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.3",
                  "product_id": "T041860-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.5",
                  "product_id": "T041861"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.5",
                  "product_id": "T041861-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.6",
                  "product_id": "T041862"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.6",
                  "product_id": "T041862-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.11",
                  "product_id": "T041863"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.11",
                  "product_id": "T041863-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.5",
                  "product_id": "T041864"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.5",
                  "product_id": "T041864-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.8",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.8",
                  "product_id": "T041865"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.8",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.8",
                  "product_id": "T041865-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.13-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.13-h5",
                  "product_id": "T041866"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.13-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.13-h5",
                  "product_id": "T041866-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.13-h5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.14",
                  "product_id": "T041867"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.14",
                  "product_id": "T041867-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.14"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PAN-OS"
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-0115",
      "product_status": {
        "known_affected": [
          "T041859",
          "T041858",
          "T041857",
          "T041863",
          "T041862",
          "T041861",
          "T041860"
        ]
      },
      "release_date": "2025-03-12T23:00:00.000+00:00",
      "title": "CVE-2025-0115"
    },
    {
      "cve": "CVE-2025-0116",
      "product_status": {
        "known_affected": [
          "T041859",
          "T041858",
          "T041857",
          "T041867",
          "T041866",
          "T041865",
          "T041864",
          "T041863",
          "T041862",
          "T041861",
          "T041860"
        ]
      },
      "release_date": "2025-03-12T23:00:00.000+00:00",
      "title": "CVE-2025-0116"
    },
    {
      "cve": "CVE-2025-0114",
      "product_status": {
        "known_affected": [
          "T041859",
          "T041858",
          "T041857"
        ]
      },
      "release_date": "2025-03-12T23:00:00.000+00:00",
      "title": "CVE-2025-0114"
    }
  ]
}

ghsa-p6rm-v297-gpf4

Vulnerability from github

Published

2025-03-12 21:31

Modified

2025-03-12 21:31

Severity ?

8.2 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber

Details

This issue does not apply to Cloud NGFWs or Prisma Access software.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-0114"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-12T19:15:37Z",
    "severity": "HIGH"
  },
  "details": "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software.",
  "id": "GHSA-p6rm-v297-gpf4",
  "modified": "2025-03-12T21:31:29Z",
  "published": "2025-03-12T21:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0114"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0114"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:X/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

ssa-364175

Vulnerability from csaf_siemens

Published

2024-07-09 00:00

Modified

2025-07-08 00:00

Summary

SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1

Notes

Summary

Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications. [1] https://security.paloaltonetworks.com/

General Recommendations

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1] \nhttps://security.paloaltonetworks.com/",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-364175.html"
      },
      {
        "category": "self",
        "summary": "SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-364175.json"
      }
    ],
    "title": "SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1",
    "tracking": {
      "current_release_date": "2025-07-08T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-364175",
      "initial_release_date": "2024-07-09T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-07-09T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2024-08-13T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added newly published CVE-2024-5913 and CVE-2024-3596"
        },
        {
          "date": "2024-10-08T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added CVE-2023-48795, CVE-2024-3596, CVE-2024-5913 and fix version information for Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices"
        },
        {
          "date": "2024-11-12T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added newly published CVE-2024-9468 and CVE-2024-9471. Added CVSSv4.0 vector to CVE-2024-5913"
        },
        {
          "date": "2024-12-10T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added newly published CVE-2024-5920"
        },
        {
          "date": "2025-04-08T00:00:00Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added newly published CVE-2025-0114"
        },
        {
          "date": "2025-07-08T00:00:00Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added newly published CVE-2025-4231"
        }
      ],
      "status": "final",
      "version": "7"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "3"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM APE1808"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2024-3596",
      "cwe": {
        "id": "CWE-924",
        "name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
      },
      "notes": [
        {
          "category": "summary",
          "text": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify responses Access-Reject or Access-Accept using a chosen-prefix collision attack against MD5 Response Authenticator signature.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2024-3596"
    },
    {
      "cve": "CVE-2024-5913",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2024-5913"
    },
    {
      "cve": "CVE-2024-5920",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator\u0027s browser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9468",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2024-9468"
    },
    {
      "cve": "CVE-2024-9471",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2024-9471"
    },
    {
      "cve": "CVE-2025-0114",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "3"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "3"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "3"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "3"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "3"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "3"
          ]
        }
      ],
      "title": "CVE-2025-0114"
    },
    {
      "cve": "CVE-2025-4231",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A command injection vulnerability in Palo Alto Networks PAN-OS\u00ae enables an authenticated administrative user to perform actions as the root user.\r\nThe attacker must have network access to the management web interface and successfully authenticate to exploit this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Exposure can be reduced by limiting access to the management interface to trusted internal IP addresses as described in \nPalo Alto Networks\u0027 Security Advisory",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation https://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance.",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information",
          "product_ids": [
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2025-4231"
    }
  ]
}

fkie_cve-2025-0114

Vulnerability from fkie_nvd

Published

2025-03-12 19:15

Modified

2025-03-12 19:15

Severity ?

8.2 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber

Summary

References

▶	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2025-0114

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en la funci\u00f3n GlobalProtect del software PAN-OS de Palo Alto Networks permite que un atacante no autenticado inhabilite el servicio mediante el env\u00edo de una gran cantidad de paquetes especialmente manipulados durante un per\u00edodo de tiempo. Este problema afecta tanto al portal como a la puerta de enlace de GlobalProtect. No se aplica a los NGFW en la nube ni al software Prisma Access."
    }
  ],
  "id": "CVE-2025-0114",
  "lastModified": "2025-03-12T19:15:37.363",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:X/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-03-12T19:15:37.363",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0114"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-0114 (GCVE-0-2025-0114)

Vulnerability from cvelistv5

wid-sec-w-2025-0547

Vulnerability from csaf_certbund

ghsa-p6rm-v297-gpf4

Vulnerability from github

ssa-364175

Vulnerability from csaf_siemens

fkie_cve-2025-0114

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature