CVE-2025-0111

UNKNOWN 0.0

⚠️ CISA KEV

PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.

CWE	CWE-73
Vendor	palo alto networks
Product	cloud ngfw
Published	Feb 12, 2025
Last Updated	Feb 26, 2026

⚠️ Actively Exploited — Act Now

Get instant alerts for palo alto networks cloud ngfw

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-0111.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Palo Alto Networks / Cloud NGFW

All versions affected

Palo Alto Networks / PAN-OS

10.1.0 < 10.1.14-h9 10.2.0 < 10.2.7-h24 11.1.0 < 11.1.6-h1 11.2.0 < 11.2.4-h4

Palo Alto Networks / Prisma Access

All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗

security.paloaltonetworks.com: https://security.paloaltonetworks.com/CVE-2025-0111 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0111

Credits

Émilio Gonzalez Maxime Gaudreault our Deep Product Security Research Team