A newly disclosed command injection vulnerability (CVE-2025-4230) in Palo Alto Networks PAN-OS software allows authenticated administrators to bypass restrictions and execute arbitrary commands with root privileges.
With a CVSS v4.0 score of 5.7 (Medium severity), this flaw highlights risks in privileged access management for network security appliances.
Vulnerability Overview and Attack Vector
The vulnerability stems from improper neutralization of special elements in OS commands (CWE-78), allowing authenticated admins to exploit the PAN-OS CLI for command injection (CAPEC-248).
Attackers with CLI access can escalate privileges to root, enabling:
- Arbitrary file system modifications
- Unauthorized service disruptions
- Lateral network movement
The attack vector is local (AV:L in CVSS 4.0), requiring high privileges (PR:H) but no user interaction (UI:N).
Despite its medium severity, the impact scores for confidentiality, integrity, and availability are all HIGH (VC:H/VI:H/VA:H).
Affected Products and Mitigation Strategies
The vulnerability affects PAN-OS versions:
PAN-OS Version | Affected Builds | Fixed Builds |
---|---|---|
11.2 | < 11.2.6 | ≥ 11.2.6 |
11.1 | < 11.1.10 | ≥ 11.1.10 |
10.2 | < 10.2.14 | ≥ 10.2.14 |
10.1 | < 10.1.14-h15 | ≥ 10.1.14-h15 |
Cloud NGFW and Prisma Access remain unaffected.
Palo Alto Networks recommends immediate upgrades, as no workarounds exist.
For legacy systems, limiting CLI access to essential personnel reduces exploit likelihood.
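To triage an inventory against the table above, the following added example (not from Palo Alto Networks or the original article) classifies PAN-OS version strings by release train. It assumes versions have the form major.minor.maintenance with an optional -hN hotfix suffix and that a hotfix build sorts after its base build; the hostnames and inventory are constructed.

```python
import re

# Fixed builds per release train, copied from the table above.
FIXED_BUILDS = {
    "11.2": "11.2.6",
    "11.1": "11.1.10",
    "10.2": "10.2.14",
    "10.1": "10.1.14-h15",
}
# Assumed format: major.minor.maintenance with optional -hN hotfix suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_version(text):
    """Return (major, minor, maintenance, hotfix); hotfix is 0 when absent."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, maint, hotfix = match.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)

def classify(version):
    """Return 'affected', 'fixed', or 'not-listed' for a version string."""
    parsed = parse_version(version)
    train = f"{parsed[0]}.{parsed[1]}"
    fixed = FIXED_BUILDS.get(train)
    if fixed is None:
        # Train is absent from the table; consult the vendor advisory.
        return "not-listed"
    return "affected" if parsed < parse_version(fixed) else "fixed"

def audit(inventory):
    """Map hostname -> status for a {hostname: version} inventory."""
    return {host: classify(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    # Constructed inventory for illustration; hostnames are hypothetical.
    sample = {
        "fw-edge-01": "11.2.5",
        "fw-edge-02": "10.1.14-h14",
        "fw-core-01": "10.1.14-h15",
        "fw-lab-01": "11.1.10-h1",
        "fw-old-01": "9.1.16",
    }
    for host, status in audit(sample).items():
        print(f"{host}: {sample[host]} -> {status}")
```

A "not-listed" result means only that the release train does not appear in the table above, not that the build is safe.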
Technical Analysis and Industry Response
The flaw’s CVSS-BT score of 8.4 reveals significant baseline threats, with high environmental exploitability (E:U) and amber urgency (U:Amber).
Key technical details include:
- Attack Complexity: Low (AC:L)
- Exploit Maturity: Unreported as of June 2025
- CPE Impact: 11.x and 10.x PAN-OS builds (e.g., cpe:2.3:o:palo_alto_networks:pan-os:11.2.5)
Visa Inc. discovered and reported the vulnerability, triggering coordinated disclosure.
While no active exploitation is documented, the combination of root access and CLI exposure creates a critical risk surface.
Network administrators should audit user privileges and monitor for anomalous CLI activity using PAN-OS audit logs.
This incident underscores the need for rigorous access controls in network security infrastructure.
As threat actors increasingly target edge devices, maintaining patch discipline and minimizing administrative attack surfaces remain paramount.