- Description
- A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
- Source
- psirt@paloaltonetworks.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
- Severity
- HIGH
- psirt@paloaltonetworks.com
- CWE-77
- Hype score
- Not currently trending
🚨 Heads up, cybersecurity pros! CVE-2025-4231, a high-risk command injection vulnerability, poses a threat to Palo Alto Networks PAN-OS® users. Authenticated admins can gain root access. 🌐 Ensure your network's defenses are up! Cloud NGFW & Prisma Access are safe. 🔒
@SecAideInfo
15 Jun 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4231 A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must hav… https://t.co/zg9dKF3GBD
@CVEnew
12 Jun 2025
395 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[CVE-2025-4231: HIGH] Palo Alto Networks PAN-OS® has a critical command injection vulnerability, allowing admin users to act as root. Attacker needs web access and authentication to exploit this flaw.#cve,CVE-2025-4231,#cybersecurity https://t.co/eu1NdoRCP5 https://t.co/zNmO4hGP
@CveFindCom
12 Jun 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes