Palo Alto Networks has issued a warning regarding a new vulnerability in its PAN-OS firewall software, tracked as CVE-2025-0108, actively being exploited by hackers. Discovered by Assetnote, this flaw is being combined with two prior vulnerabilities to target unsecured network management. Despite low complexity in execution, the increasing number of reported exploitation attempts suggests a growing threat. GreyNoise highlighted heightened attack traffic primarily in the U.S. and Germany, underscoring the urgency for customers to patch their systems against this significant security risk.
This high-severity flaw allows unauthenticated attackers to execute specific PHP scripts, potentially leading to unauthorized access to vulnerable systems.
The complexity of the attack is low, but malicious attackers are chaining the latest vulnerability with previously disclosed flaws.
Collection
[
|
...
]