Which versions of Pan Os are affected by CVE-2025-0111?

CVE-2025-0111 presents moderate security risk rated CVSS 7.1. Exploitation could compromise the security of affected deployments.

Is CVE-2025-0111 being actively exploited?

Yes, CVE-2025-0111 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation. Immediate patching is required.

How to fix or mitigate CVE-2025-0111?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Monitor vendor channels for patch availability.

Pan Os CVE-2025-0111

Q: What is the CVSS score of CVE-2025-0111?

CVE-2025-0111 has a CVSS 4.0 base score of 7.1 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Red. EPSS exploitation probability: 3.6%.

HIGH

External Control of File Name or Path (CWE-73)

2025-02-12 psirt@paloaltonetworks.com

Information Disclosure Paloalto Pan Os

7.1

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Red

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:26 vuln.today

Added to CISA KEV

Nov 04, 2025 - 16:49 cisa

CISA KEV

CVE Published

Feb 12, 2025 - 21:15 nvd

HIGH 7.1

DescriptionNVD

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.

You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

This issue does not affect Cloud NGFW or Prisma Access software.

AnalysisAI

Palo Alto Networks PAN-OS management interface contains an authenticated file read vulnerability allowing reading of files accessible to the 'nobody' user, exploited alongside CVE-2025-0108 for configuration extraction.

Technical ContextAI

The CWE-73 external control of file name in the management web interface allows file path manipulation. Files readable by the 'nobody' user include various configuration files and logs that may contain sensitive information.

RemediationAI

Apply PAN-OS updates. Restrict management interface access. Rotate all credentials stored in PAN-OS configuration after patching.

CVE-2025-0111 vulnerability details – vuln.today

Back

Pan Os CVE-2025-0111

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

Pan Os CVE-2025-0111

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code