Auth bypass in Palo Alto Networks Prisma Access Browser
CVE-2025-0129
An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. This enables the user to use Prisma Access Browser without any restricti…
EPSS: 0.002 (4.8th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Prisma Access Browser — versions 1
Weakness classification (CWE)
Public proof-of-concept exploits
References
- psirt@paloaltonetworks.com (vendor-advisory)
Frequently asked questions
- What is CVE-2025-0129?
- CVE-2025-0129 is a vulnerability in Palo Alto Networks Prisma Access Browser, classified under Improper Check for Unusual or Exceptional Conditions. Published 2025-04-11.
- Is CVE-2025-0129 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.