CyberSecurityBoard
Sponsor Register Login

Palo Alto Networks Warns Hackers Combining Vulnerabilities to Compromise Firewalls

Palo Alto Networks has issued urgent warnings as cybersecurity researchers observe threat actors exploiting a combination of vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. By combining these vulnerabilities, attackers bypass authentication, escalate privileges, and extract critical system files, achieving full root access to firewalls. Coordinated attacks, which bypass chain authentication and privilege escalation flaws, enable unauthorized access to unpatched devices, posing severe risks to enterprise network integrity. Discovered by Assetnote researchers and disclosed on February 12, 2025, it allows unauthenticated attackers to execute specific PHP scripts, compromising system confidentiality and integrity. The recurring exploitation of Palo Alto vulnerabilities underscores the risks of internet-exposed management interfaces. Assetnote’s Shubham Shah highlighted that while CVE-2025-0108 requires chaining with other flaws, the prevalence of unpatched systems and public proof-of-concept exploits lowers the barrier for attackers. Steven Thai, a Palo Alto spokesperson, reiterated the criticality of timely updates: “The security of our customers remains our top priority. The primary vulnerability under active exploitation, CVE-2025-0108, is an authentication bypass flaw in PAN-OS’s management web interface. With Palo Alto firewalls securing 24% of enterprise cloud environments, proactive mitigation remains essential to thwart large-scale breaches. CISA added CVE-2025-0108 to its Known Exploited Vulnerabilities catalog on February 19, mandating federal agencies to remediate it by March 7, 2025. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. While this vulnerability alone does not permit remote code execution, its exploitation surged within 24 hours of disclosure, with GreyNoise tracking 25 malicious IPs by February 18. As of February 19, 2025, GreyNoise continues tracking exploit attempts, noting concentrated IPs from regions historically linked to state-sponsored and cybercriminal groups.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 19 Feb 2025 14:35:05 +0000


Cyber News related to Palo Alto Networks Warns Hackers Combining Vulnerabilities to Compromise Firewalls

Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
9 months ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
4 months ago Paloaltonetworks.com
Research Shows 163% ROI with Palo Alto Networks Software Firewalls - Good news is here for cloud and network security professionals who need proven, cost-effective solutions that substantially reduce downtime and breaches across a range of cloud and virtualized environments. Palo Alto Networks software firewalls not ...
1 year ago Paloaltonetworks.com
8 Common Types of Firewalls Explained & When to Use Each - The eight types of deployable firewalls include traditional network firewalls, unified threat management, next-generation firewalls, web application firewalls, database firewalls, cloud firewalls, container firewalls, and firewalls-as-a-service. ...
1 year ago Esecurityplanet.com
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
4 months ago Darkreading.com
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now - Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as ...
10 months ago Bleepingcomputer.com
CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit - IBM's surprise departure from cybersecurity software this week didn't just rearrange the competitive landscape - it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar ...
9 months ago Darkreading.com
Palo Alto Networks Warns Hackers Combining Vulnerabilities to Compromise Firewalls - Palo Alto Networks has issued urgent warnings as cybersecurity researchers observe threat actors exploiting a combination of vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. By combining these vulnerabilities, ...
1 day ago Cybersecuritynews.com
9 Best Next-Generation Firewall Solutions for 2023 - Next-generation firewalls are network security solutions that go beyond the traditional port/protocol inspection by incorporating application-level inspection, intrusion prevention, and external threat intelligence. As the third generation in ...
1 year ago Esecurityplanet.com
CISA Warns of Palo Alto PAN-OS Vulnerability Actively Exploited in the Wild - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding actively exploiting a high-severity authentication bypass vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS, the operating system powering the ...
2 days ago Cybersecuritynews.com
Patch Now: Palo Alto Flaw Exploited in the Wild - Indeed, researchers observed attackers making exploit attempts by chaining CVE-2025-0108 with two other PAN-OS Web management interface flaws — CVE-2024-9474, a privilege escalation flaw, and CVE-2025-0111, an authenticated file read vulnerability ...
1 day ago Darkreading.com
Unlocking the Economic Benefit of NGFWs - Cyberthreats are increasing in volume and complexity, making it difficult for network defenders to protect their organizations. Threat actors are evolving their tools and techniques, finding new ways to employ artificial intelligence to avoid ...
11 months ago Paloaltonetworks.com
Palo Alto Networks Recognized as a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms - Today, we are pleased to announce that Palo Alto Networks has been named a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms. Before we dive into the significance of this year's Magic Quadrant for EPP, I want to take a ...
1 year ago Paloaltonetworks.com
Palo Alto Networks Prevents Data Loss at Enterprise Scale with NVIDIA - With NVIDIA accelerated computing and AI software, cybersecurity leaders like Palo Alto Networks can safeguard vast amounts of sensitive information with unprecedented speed and accuracy, ushering in a new era of AI-driven data protection. The ...
4 months ago Paloaltonetworks.com
Vulnerability Recap 4/15/24: Palo Alto, Microsoft, Ivanti Exploits - Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users' data security. Multiple Vulnerabilities Discovered in LG WebOS Smart TVs. Type of vulnerability: Authorization bypass, ...
10 months ago Esecurityplanet.com
How to track and stop CVE-2024-3400: Palo Alto Devices API Exploit Causing Critical Infrastructure and Enterprise Epidemics - On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. Palo Alto has marked this ...
10 months ago Securityboulevard.com
Palo Alto Networks Completes Acquisition of Talon - Palo Alto Networks announced today that it has completed the acquisition of Talon Cyber Security, an Israeli startup selling a secure browser technology to enterprise customers. Palo Alto first announced plans to buy Talon in November 2023 in a deal ...
1 year ago Securityweek.com
Investing in Cloud Infrastructure in the Kingdom of Saudi Arabia - Digital transformation is at the heart of the Kingdom of Saudi Arabia's ambitious Vision 2030 program as the nation looks to future-proof its economy and enhance people's lives. The Kingdom is looking to diversify its economy and develop public ...
8 months ago Paloaltonetworks.com
Providing Optimal Cloud Security Outcomes Through StateRAMP - Palo Alto Networks reaches a significant milestone as our commitment to comprehensive security achieves the largest number of StateRAMP marketplace approved cybersecurity offerings. In its commitment to be the state and local government's ...
11 months ago Paloaltonetworks.com
Palo Alto Networks tags new firewall bug as exploited in attacks - Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained in attacks with two other flaws (CVE-2025-0108 with CVE-2024-9474) to breach PAN-OS firewalls in active attacks. "Palo Alto Networks has observed exploit ...
1 day ago Bleepingcomputer.com
SentinelOne vs Palo Alto Cortex XDR: Which Tool is Best? - SentinelOne and Palo Alto are two of the top brands in this space, and this comparison will help you decide if either one of the company's tools is right for you. SentinelOne's Singularity platform offers four subscription tiers that include their ...
8 months ago Techrepublic.com
See How Our Cloud-Delivered Security Services Provide 357% ROI - Investing in Palo Alto Networks Cloud-Delivered Security Services provided a 357% return on investment and net present value of $10.04 million over 3 years, along with a 6-month payback period, according to a recently released Forrester Consulting ...
11 months ago Paloaltonetworks.com
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - Palo Alto Networks has disclosed a critical vulnerability (CVE-2025-010) in its PAN-OS software that could allow attackers to bypass authentication on the management web interface. While the vulnerability is rated as HIGH severity, Palo Alto Networks ...
1 week ago Cybersecuritynews.com
In Other News: Palo Alto Loses Patent Lawsuit, Identity Firms Get Funding, Government Hackers - SecurityWeek's cybersecurity roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability ...
1 year ago Securityweek.com
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability - Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenConfig plugin. Tracked as CVE-2025-0110, the flaw ...
1 hour ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)