Palo Alto Networks PAN-OS sees authentication bypass under attack from hackers
Posted by:
James Thompson
Palo Alto Networks recently addressed an authentication bypass vulnerability in its PAN-OS firewalls, identified as CVE-2025-0108. This flaw, with a severity score of 8.8/10, was found in various product versions but has since been fixed in updates released on February 12, 2025. Cybercriminals wasted no time in attempting to exploit the vulnerability post-patch release, aiming to execute PHP scripts that could lead to data breaches and firewall manipulation.
Security experts at GreyNoise noted a surge in exploit attempts on unpatched systems just a day after the patch rollout, indicating a coordinated effort by attackers. Researcher Yutaka Sejiyama estimated that more than 4,400 devices may be at risk. To safeguard against such attacks, users are urged to promptly update their firewalls and tighten access controls.
Small and medium-sized businesses (SMBs) are particularly vulnerable to firewall breaches due to weaker security measures and outdated firmware. This creates opportunities for threat actors to breach networks, potentially compromising sensitive information and perpetuating further cyber threats. It is crucial for organizations to prioritize security updates and maintain robust IT defenses to mitigate risks effectively.
(Source: BleepingComputer)
Recent Posts1
