Auth bypass in Palo Alto Networks Cortex Xdr Broker Vm

CVE-2025-0132

A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM.  The attacker must have network access to the Broker VM to exploit th…

Vulnerability class: Broken Authentication

EPSS: 0.004 (30.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References