Vulnerability in Palo Alto Networks Cloud Ngfw
CVE-2025-0109
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user…
EPSS: 0.006 (43.4th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Cloud Ngfw — versions All
- Palo Alto Networks Pan-os — versions 10.1.0, 10.2.0, 11.1.0
- Palo Alto Networks Prisma Access — versions All
Weakness classification (CWE)
References
- psirt@paloaltonetworks.com (vendor-advisory)