Summary: Palo Alto Networks has issued a warning about active exploitation of the CVE-2025-0108 and CVE-2025-0111 vulnerabilities in its PAN-OS firewalls. These vulnerabilities can be chained with an earlier flaw (CVE-2024-9474) to enable remote code execution. The severity of CVE-2025-0111 has been updated to high, necessitating urgent action from users of affected systems.
Affected: Palo Alto Networks PAN-OS firewalls
Keypoints:
- Exploitation of CVE-2025-0108 started shortly after details were made public.
- Attacks that chain CVE-2025-0108 with CVE-2024-9474 may allow remote code execution.
- CVE-2025-0111 has been escalated to high severity with the highest urgency for remediation.
- Federal agencies are instructed by CISA to address these vulnerabilities by March 13.
- Previous attacks have resulted in configuration extraction and malware deployment.
Source: https://www.securityweek.com/second-recently-patched-flaw-exploited-to-hack-palo-alto-firewalls/