What is the CVSS score of CVE-2025-4228?

CVE-2025-4228 has a CVSS 4.0 base score of 4.6 (Medium). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber. EPSS exploitation probability: 0.0%.

Which versions of Paloalto are affected by CVE-2025-4228?

CVE-2025-4228 presents moderate security risk rated CVSS 4.6. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2025-4228?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Paloalto CVE-2025-4228

EUVD-2025-18225 MEDIUM

Incorrect Privilege Assignment (CWE-266)

2025-06-13 psirt@paloaltonetworks.com

Privilege Escalation Paloalto

4.6

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

27.0.26

EUVD ID Assigned

Mar 14, 2026 - 21:34 euvd

EUVD-2025-18225

Analysis Generated

Mar 14, 2026 - 21:34 vuln.today

CVE Published

Jun 13, 2025 - 00:15 nvd

MEDIUM 4.6

DescriptionNVD

An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.

AnalysisAI

CVE-2025-4228 is a security vulnerability (CVSS 4.6) that allows an authenticated administrative user. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

CVE-2025-4228 vulnerability details – vuln.today

Back