Palo Alto Networks Security Advisories

1 - 25 of 438
VersionsAffectedUnaffected
2.2CVE-2025-0118 GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect UWP App
None on macOS, Linux, iOS, Android, Chrome OS
< 6.3.3 on Windows
< 6.2.5 on Windows
< 6.1.6 on Windows
< 6.0.11 on Windows
None
All on macOS, Linux, iOS, Android, Chrome OS
>= 6.3.3 on Windows
>= 6.2.5 on Windows
>= 6.1.6 on Windows
>= 6.0.11 on Windows
All
2025-03-122025-03-12
4.3CVE-2025-0117 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
GlobalProtect App
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect UWP App
None on iOS, None on Android, None on Chrome OS, None on macOS
< 6.3.3 on Windows
< 6.2.6 on Windows
All on Windows
All on Windows
None
All on iOS, All on Android, All on Chrome OS, All on macOS
>= 6.3.3 on Windows (ETA: April 2025)
>= 6.2.6 on Windows
None on Windows
None on Windows
All
2025-03-122025-03-12
4.3CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.5
< 11.1.8
< 10.2.13-h5, < 10.2.14
< 10.1.14-h11
None
All
>= 11.2.5
>= 11.1.8 (ETA: 3/13/2025)
>= 10.2.13-h5, >= 10.2.14 (ETA: 4/3/2025)
>= 10.1.14-h11
All
2025-03-122025-03-12
4.3CVE-2025-0115 PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.3
< 11.1.5
< 11.0.6
< 10.2.11
< 10.1.14-h11
None
All
>= 11.2.3
>= 11.1.5
>= 11.0.6
>= 10.2.11
>= 10.1.14-h11
All
2025-03-122025-03-12
4.6CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.2
< 10.2.5
< 10.1.14-h11
None
All
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.14-h11
All
2025-03-122025-03-12
7.6PAN-SA-2025-0007 Chromium: Monthly Vulnerability Update (March 2025)
Prisma Access Browser
< 133.16.4.99
>= 134.7.4.44
2025-03-122025-03-12
4.9CVE-2025-0113 Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers
Cortex XDR Broker VM
< 26.0.116
>= 26.0.116
2025-02-122025-02-12
iPAN-SA-2025-0006 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-OS
None
All
2025-02-122025-02-12
iPAN-SA-2025-0005 GlobalProtect Clientless VPN: Clientless VPN Misconfiguration Allows Cross-Site Attacks
Cloud NGFW
PAN-OS
Prisma Access
None
All
All
All
None
None
2025-02-122025-02-12
6.1PAN-SA-2025-0004 Chromium: Monthly Vulnerability Update (February 2025)
Prisma Access Browser
< 132.111.3017.2
>= 133.8.10.54
2025-02-122025-02-12
6.6CVE-2024-1135 Impact of CVE-2024-1135
Cortex XDR Broker VM
< 25.105.6
>= 25.105.6
2025-02-122025-02-12
4.3CVE-2025-0112 Cortex XDR Agent: Local Windows User Can Disable the Agent
Cortex XDR Agent 8.6
Cortex XDR Agent 8.5
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3-CE
None on Windows
< 8.5.1 on Windows
All on Windows *
< 8.3.101-CE on Windows
All on Windows
>= 8.5.1 on Windows
None on Windows *
>= 8.3.101-CE on Windows
2025-02-122025-02-12
7.1CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
7.3CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin
PAN-OS OpenConfig Plugin
< 2.1.2
>= 2.1.2
2025-02-122025-02-21
5.5CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
8.8CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h4, < 11.2.5
< 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1
< 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3
< 10.1.14-h9
None
All
>= 11.2.4-h4, >= 11.2.5
>= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1
>= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3
>= 10.1.14-h9
All
2025-02-122025-03-06
iPAN-SA-2025-0003 Informational: PAN-OS BIOS and Bootloader Security Bulletin
Cloud NGFW
PAN-OS
Prisma Access
None
All on PA-3200, PA-5200, PA-7000
None
All
None on PA-3200, PA-5200, PA-7000. No other platforms are affected
All
2025-01-232025-01-27
6.1PAN-SA-2025-0002 Chromium: Monthly Vulnerability Updates
Prisma Access Browser
< 131.140.2943.21
>= 131.205.2943.22
2025-01-082025-01-08
7.8PAN-SA-2025-0001 Expedition: Multiple Vulnerabilities in Expedition Migration Tool Lead to Exposure of Firewall Credentials
Cloud NGFW
Expedition 1
Panorama
PAN-OS
Prisma Access
None
< 1.2.101
None
None
None
All
>= 1.2.101
All
All
All
2025-01-082025-01-15
8.7CVE-2024-3393 PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet
Cloud NGFW
PAN-OS
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
Prisma Access
None
None on Panorama
< 11.2.3
< 11.1.2-h16, < 11.1.3-h13, < 11.1.4-h7, < 11.1.5
>= 10.2.8, < 10.2.8-h19, < 10.2.9-h19, < 10.2.10-h12, < 10.2.11-h10, < 10.2.12-h4, < 10.2.13-h2, < 10.2.14
>= 10.1.14, < 10.1.14-h8, < 10.1.15
None
None
>= 10.2.8 on PAN-OS, < 10.2.9-h19 on PAN-OS, < 10.2.10-h12 on PAN-OS, < 11.2.3 on PAN-OS
All
All on Panorama
>= 11.2.3
>= 11.1.2-h16, >= 11.1.3-h13, >= 11.1.4-h7, >= 11.1.5
< 10.2.8, >= 10.2.8-h19, >= 10.2.9-h19, >= 10.2.10-h12, >= 10.2.11-h10, >= 10.2.12-h4, >= 10.2.13-h2, >= 10.2.14
< 10.1.14, >= 10.1.14-h8, >= 10.1.15
All
All
< 10.2.8 on PAN-OS, >= 10.2.9-h19 on PAN-OS, >= 10.2.10-h12 on PAN-OS, >= 11.2.3 on PAN-OS
2024-12-272025-01-30
6.1PAN-SA-2024-0017 Chromium: Monthly Vulnerability Updates
Prisma Access Browser
< 131.86.2955.0
>= 131.109.2968.0
2024-12-112024-12-11
5.6CVE-2024-5921 GlobalProtect App: Insufficient Certificate Validation Leads to Privilege Escalation
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.1
< 6.3.2* on Windows, < 6.3.2* on macOS
< 6.2.6* on Windows, < 6.2.6-c857* on macOS, < 6.2.1-c31* on Linux, < 6.2.6* on Windows UWP
All on Windows, All on macOS, All on Linux, < 6.1.6* on Android, < 6.1.7* on iOS
None on FIPS-CC mode
None on FIPS-CC mode
>= 6.3.2* on Windows, >= 6.3.2* on macOS
>= 6.2.6* on Windows, >= 6.2.6-c857* on macOS, >= 6.2.1-c31* on Linux, >= 6.2.6* on Windows UWP (ETA: end of Feb)
None on Windows, None on macOS, None on Linux, >= 6.1.6* on Android, >= 6.1.7* on iOS
All on FIPS-CC mode
All on FIPS-CC mode
2024-11-262025-03-06
9.3CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.0-h1, < 11.2.1-h1, < 11.2.2-h2, < 11.2.3-h3, < 11.2.4-h1
< 11.1.0-h4, < 11.1.1-h2, < 11.1.2-h15, < 11.1.3-h11, < 11.1.4-h7, < 11.1.5-h1
< 11.0.0-h4, <  11.0.1-h5, < 11.0.2-h5, < 11.0.3-h13, < 11.0.4-h6, <  11.0.5-h2, < 11.0.6-h1
< 10.2.0-h4, < 10.2.1-h3, <  10.2.2-h6, < 10.2.3-h14, < 10.2.4-h32, < 10.2.5-h9, < 10.2.6-h6, < 10.2.7-h18, < 10.2.8-h15, < 10.2.9-h16, <  10.2.10-h9, < 10.2.11-h6, < 10.2.12-h2
None
None
All
>= 11.2.0-h1, >= 11.2.1-h1, >= 11.2.2-h2, >= 11.2.3-h3, >= 11.2.4-h1
>= 11.1.0-h4, >= 11.1.1-h2, >= 11.1.2-h15, >= 11.1.3-h11, >= 11.1.4-h7, >= 11.1.5-h1
>= 11.0.0-h4, >=  11.0.1-h5, >= 11.0.2-h5, >= 11.0.3-h13, >= 11.0.4-h6, >=  11.0.5-h2, >= 11.0.6-h1
>= 10.2.0-h4, >= 10.2.1-h3, >=  10.2.2-h6, >= 10.2.3-h14, >= 10.2.4-h32, >= 10.2.5-h9, >= 10.2.6-h6, >= 10.2.7-h18, >= 10.2.8-h15, >= 10.2.9-h16, >=  10.2.10-h9, >= 10.2.11-h6, >= 10.2.12-h2
All
All
2024-11-182025-03-03
6.9CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.0-h1, < 11.2.1-h1, < 11.2.2-h2, < 11.2.3-h3, < 11.2.4-h1
< 11.1.0-h4, < 11.1.1-h2, < 11.1.2-h15, < 11.1.3-h11, < 11.1.4-h7, < 11.1.5-h1
< 11.0.0-h4, < 11.0.1-h5, < 11.0.2-h5, < 11.0.3-h13, < 11.0.4-h6, < 11.0.5-h2, < 11.0.6-h1
< 10.2.0-h4, < 10.2.1-h3, < 10.2.2-h6, < 10.2.3-h14, < 10.2.4-h32, < 10.2.5-h9, < 10.2.6-h6, < 10.2.7-h18, < 10.2.8-h15, < 10.2.9-h16, < 10.2.10-h9, < 10.2.11-h6, < 10.2.12-h2
< 10.1.3-h4, < 10.1.6-h9, < 10.1.8-h8, < 10.1.9-h14, < 10.1.10-h9, < 10.1.11-h10, < 10.1.12-h3, < 10.1.13-h5, < 10.1.14-h6
None
All
>= 11.2.0-h1, >= 11.2.1-h1, >= 11.2.2-h2, >= 11.2.3-h3, >= 11.2.4-h1
>= 11.1.0-h4, >= 11.1.1-h2, >= 11.1.2-h15, >= 11.1.3-h11, >= 11.1.4-h7, >= 11.1.5-h1
>= 11.0.0-h4, >= 11.0.1-h5, >= 11.0.2-h5, >= 11.0.3-h13, >= 11.0.4-h6, >= 11.0.5-h2, >= 11.0.6-h1
>= 10.2.0-h4, >= 10.2.1-h3, >= 10.2.2-h6, >= 10.2.3-h14, >= 10.2.4-h32, >= 10.2.5-h9, >= 10.2.6-h6, >= 10.2.7-h18, >= 10.2.8-h15, >= 10.2.9-h16, >= 10.2.10-h9, >= 10.2.11-h6, >= 10.2.12-h2
>= 10.1.3-h4, >= 10.1.6-h9, >= 10.1.8-h8, >= 10.1.9-h14, >= 10.1.10-h9, >= 10.1.11-h10, >= 10.1.12-h3, >= 10.1.13-h5, >= 10.1.14-h6
All
2024-11-182024-11-21
8.6PAN-SA-2024-0016 Chromium: Monthly Vulnerability Updates
Prisma Access Browser
< 130.59.2920.7
>= 130.117.2920.13
2024-11-132024-11-13
1 - 25 of 438 Download
© 2025 Palo Alto Networks, Inc. All rights reserved.