PaloAlto – Page 2 – TheCyberThrone

CVE-2025-0139 Local Privilege Escalation in Palo Alto ADEM for macOS

Summary CVE-2025-0139 is a local privilege escalation vulnerability in Palo Alto Networks’ Autonomous Digital Experience Management (ADEM) agent for macOS, allowing a low-privileged authenticated local user to escalate their privileges…

PravinKarthik July 11, 2025

CVE-2025-0133 impacts PaloAlto GlobalProtect

A cross-site scripting (XSS) vulnerability, identified as CVE-2025-0133, has been discovered in the GlobalProtect gateway and portal features of Palo Alto Networks PAN-OS. This flaw enables attackers to execute arbitrary…

PravinKarthik May 25, 2025

Google Released PoC for CVE-2025-0110 PAN OS Flaw

Google's Project Zero and Mandiant cybersecurity teams have jointly released a proof-of-concept (PoC) exploit for a significant security vulnerability identified in Palo Alto Networks' PAN-OS OpenConfig plugin. This vulnerability, tracked…

PravinKarthik February 23, 2025

CISA Adds Palo Alto and SonicWall Vulnerabilities to KEV

The Cybersecurity and Infrastructure Security Agency (CISA) has recently identified and added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities, affecting Palo Alto Networks' PAN-OS and…

PravinKarthik February 19, 2025

CVE-2025-0108 impacts PaloAlto PAN-OS

CVE-2025-0108 is a high-severity vulnerability affecting Palo Alto Networks PAN-OS software. Description CVE-2025-0108 is an authentication bypass vulnerability in the PAN-OS management web interface. This flaw allows an unauthenticated attacker…

PravinKarthik February 13, 2025

CVE-2025-0107 PoC Exploit Code Released for PaloAlto Flaw

Background: CVE-2025-0107 is a critical OS command injection vulnerability discovered in Palo Alto Networks' Expedition Tool, version 1.2.101 and earlier. Recently, security researchers released a Proof-of-Concept (PoC) exploit code, which…

PravinKarthik January 19, 2025

CISA adds PaloAlto CVE-2024-3393 to its KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) recently added CVE-2024-3393 to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability affects Palo Alto Networks' PAN-OS software and involves a malformed DNS…

PravinKarthik December 31, 2024

CVE-2024-3393 DoS Vulnerability in Palo Alto PAN-OS

CVE-2024-3393 is a high-severity Denial of Service (DoS) vulnerability discovered in the DNS Security feature of Palo Alto Networks' PAN-OS software. This vulnerability can be exploited by an unauthenticated attacker,…

PravinKarthik December 28, 2024