Deserialization in Palo Alto Networks Checkov By Prisma Cloud
CVE-2025-2180
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma®…
Vulnerability class: Insecure Deserialization
EPSS: 0.002 (6.6th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Checkov By Prisma Cloud — versions 3.2.0
Weakness classification (CWE)
References
- psirt@paloaltonetworks.com (vendor-advisory)