| | Versions | Affected | Unaffected | | |
|---|
| 4 | CVE-2025-0120
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability | GlobalProtect App GlobalProtect App 6.3 GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 GlobalProtect UWP App | None on macOS, None on Linux, None on iOS, None on Android, None on Chrome OS < 6.3.3 on Windows < 6.2.7-h3 on Windows, < 6.2.8 on Windows All on Windows < 6.0.12 on Windows None | All on macOS, All on Linux, All on iOS, All on Android, All on Chrome OS >= 6.3.3 on Windows (ETA: End of April 2025) >= 6.2.7-h3 on Windows, >= 6.2.8 on Windows None on Windows >= 6.0.12 on Windows (ETA: May 2025) All | 2025-04-09 | 2025-04-21 |
| 4.3 | CVE-2025-0121
Cortex XDR Agent: Local Windows User Can Crash the Agent | Cortex XDR Agent 8.7 Cortex XDR Agent 8.6 Cortex XDR Agent 8.5 Cortex XDR Agent 8.3-CE Cortex XDR Agent 7.9-CE | None on Windows < 8.6.1 on Windows < 8.5.2 on Windows < 8.3.101-CE HF on Windows < 7.9.103-CE HF on Windows | All on Windows >= 8.6.1 on Windows >= 8.5.2 on Windows >= 8.3.101-CE HF on Windows >= 7.9.103-CE HF on Windows | 2025-04-09 | 2025-04-09 |
| 4.9 | CVE-2025-0122
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets | Prisma SD-WAN 6.5 Prisma SD-WAN 6.4 Prisma SD-WAN 6.3 Prisma SD-WAN 6.2 Prisma SD-WAN 6.1 Prisma SD-WAN 5.6 | < 6.5.1 < 6.4.2 < 6.3.4 All < 6.1.10 All | >= 6.5.1 >= 6.4.2 >= 6.3.4 None >= 6.1.10 None | 2025-04-09 | 2025-04-15 |
| 1.9 | CVE-2025-0123
PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.6 < 11.1.8 < 10.2.15 < 10.1.14-h13 None | All >= 11.2.6 >= 11.1.8 >= 10.2.15 (ETA: 05/15) >= 10.1.14-h13 All | 2025-04-09 | 2025-04-09 |
| 2 | CVE-2025-0124
PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | All < 11.2.1 < 11.1.5 < 11.0.6 < 10.2.10 < 10.1.14-h11 None | None (ETA end of April) >= 11.2.1 >= 11.1.5 >= 11.0.6 >= 10.2.10 >= 10.1.14-h11 All | 2025-04-09 | 2025-04-09 |
| 4.4 | CVE-2025-0125
PAN-OS: Improper Neutralization of Input in the Management Web Interface | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.5 < 11.1.5 < 11.0.6 < 10.2.11 < 10.1.14-h11 None | All >= 11.2.5 >= 11.1.5 >= 11.0.6 >= 10.2.11 >= 10.1.14-h11 All | 2025-04-09 | 2025-04-16 |
| 5.6 | CVE-2025-0126
PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.3 < 11.1.5 < 11.0.6 < 10.2.4-h25, < 10.2.9-h13, < 10.2.10-h6, < 10.2.11 < 10.1.14-h11 < 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS | All >= 11.2.3 >= 11.1.5 >= 11.0.6 >= 10.2.4-h25, >= 10.2.9-h13, >= 10.2.10-h6, >= 10.2.11 >= 10.1.14-h11 >= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS | 2025-04-09 | 2025-04-09 |
| 4 | CVE-2025-0127
PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None None on VM-Series None on VM-Series < 11.0.4 on VM-Series < 10.2.9 on VM-Series < 10.1.14-h13 on VM-Series None | All All on VM-Series All on VM-Series >= 11.0.4 on VM-Series >= 10.2.9 on VM-Series >= 10.1.14-h13 on VM-Series All | 2025-04-09 | 2025-04-09 |
| 6.6 | CVE-2025-0128
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None on PAN-OS < 11.2.3 < 11.1.5 < 11.0.6 < 10.2.10-h17 < 10.1.14-h11 < 10.2.4-h36 on PAN-OS, < 10.2.10-h16 on PAN-OS, < 11.2.4-h5 on PAN-OS | All on PAN-OS >= 11.2.3 >= 11.1.5 >= 11.0.6 >= 10.2.10-h17 >= 10.1.14-h11 >= 10.2.4-h36 on PAN-OS, >= 10.2.10-h16 on PAN-OS, >= 11.2.4-h5 on PAN-OS | 2025-04-09 | 2025-04-09 |
| 2.4 | CVE-2025-0119
Cortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VM | | | | 2025-04-09 | 2025-04-09 |
| 7.6 | PAN-SA-2025-0008
Chromium and Prisma Access Browser: Monthly Vulnerability Update (April 2025) | | | | 2025-04-09 | 2025-04-09 |
| 2.2 | CVE-2025-0118
GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability | GlobalProtect App GlobalProtect App 6.3 GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 GlobalProtect UWP App | None on macOS, Linux, iOS, Android, Chrome OS < 6.3.3 on Windows < 6.2.5 on Windows < 6.1.6 on Windows < 6.0.11 on Windows None | All on macOS, Linux, iOS, Android, Chrome OS >= 6.3.3 on Windows >= 6.2.5 on Windows >= 6.1.6 on Windows >= 6.0.11 on Windows All | 2025-03-12 | 2025-03-12 |
| 4.3 | CVE-2025-0117
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability | GlobalProtect App GlobalProtect App 6.3 GlobalProtect App 6.2 GlobalProtect App 6.1 GlobalProtect App 6.0 GlobalProtect UWP App | None on iOS, None on Android, None on Chrome OS, None on macOS < 6.3.3 on Windows < 6.2.6 on Windows All on Windows All on Windows None | All on iOS, All on Android, All on Chrome OS, All on macOS >= 6.3.3 on Windows (ETA: End of April 2025)* >= 6.2.6 on Windows* None on Windows None on Windows (Fix version ETA: May 2025) All | 2025-03-12 | 2025-04-11 |
| 4.3 | CVE-2025-0116
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.5 < 11.1.4-h17, < 11.1.6-h6, < 11.1.8 < 10.2.10-h17, < 10.2.13-h5, < 10.2.14 < 10.1.14-h11 None | All >= 11.2.5 >= 11.1.4-h17, >= 11.1.6-h6, >= 11.1.8 >= 10.2.10-h17, >= 10.2.13-h5, >= 10.2.14 >= 10.1.14-h11 All | 2025-03-12 | 2025-04-04 |
| 4.3 | CVE-2025-0115
PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.3 < 11.1.4-h17, < 11.1.5 < 11.0.6 < 10.2.11 < 10.1.14-h11 None | All >= 11.2.3 >= 11.1.4-h17, >= 11.1.5 >= 11.0.6 >= 10.2.11 >= 10.1.14-h11 All | 2025-03-12 | 2025-04-02 |
| 4.6 | CVE-2025-0114
PAN-OS: Denial of Service (DoS) in GlobalProtect | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None None None < 11.0.2 < 10.2.5 < 10.1.14-h11 None | All All All >= 11.0.2 >= 10.2.5 >= 10.1.14-h11 All | 2025-03-12 | 2025-03-12 |
| 7.6 | PAN-SA-2025-0007
Chromium: Monthly Vulnerability Update (March 2025) | | | | 2025-03-12 | 2025-03-12 |
| 4.9 | CVE-2025-0113
Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers | | | | 2025-02-12 | 2025-02-12 |
| i | PAN-SA-2025-0006
Informational Bulletin: Impact of OSS CVEs in PAN-OS | | | | 2025-02-12 | 2025-02-12 |
| i | PAN-SA-2025-0005
GlobalProtect Clientless VPN: Clientless VPN Misconfiguration Allows Cross-Site Attacks | Cloud NGFW PAN-OS Prisma Access | | | 2025-02-12 | 2025-02-12 |
| 6.1 | PAN-SA-2025-0004
Chromium: Monthly Vulnerability Update (February 2025) | | | | 2025-02-12 | 2025-02-12 |
| 6.6 | CVE-2024-1135
Impact of CVE-2024-1135 | | | | 2025-02-12 | 2025-02-12 |
| 4.3 | CVE-2025-0112
Cortex XDR Agent: Local Windows User Can Disable the Agent | Cortex XDR Agent 8.6 Cortex XDR Agent 8.5 Cortex XDR Agent 8.4 Cortex XDR Agent 8.3-CE | None on Windows < 8.5.1 on Windows All on Windows * < 8.3.101-CE on Windows | All on Windows >= 8.5.1 on Windows None on Windows * >= 8.3.101-CE on Windows | 2025-02-12 | 2025-02-12 |
| 7.1 | CVE-2025-0111
PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.4-h4, < 11.2.5 < 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1 < 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3 < 10.1.14-h9 None | All >= 11.2.4-h4, >= 11.2.5 >= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1 >= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3 >= 10.1.14-h9 All | 2025-02-12 | 2025-03-06 |
| 7.3 | CVE-2025-0110
PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin | | | | 2025-02-12 | 2025-02-21 |