PaloAlto Product Security Update Advisory

Mar 14 2025

Overview

We have released security updates to fix vulnerabilities in PaloAlto products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-0114

PAN-OS Version: ~11.0.2 (excluded)
PAN-OS Version: ~10.2.5 (excluded)
PAN-OS Version: ~10.1.14-h11 (excluded)

CVE-2025-0117

GlobalProtect App Windows version: ~6.3.3 (excluded)
GlobalProtect App Windows version: ~6.2.6 (excluded)
GlobalProtect App Windows version: 6.1 all versions
GlobalProtect App Windows version: 6.0 All Versions

Resolved Vulnerabilities

Denial of service vulnerability that could allow an unauthenticated attacker to send a large number of packets and cause the service to become unavailable (CVE-2025-0114)
vulnerability that could allow an authenticated user to escalate privileges (CVE-2025-0117)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-0114

PAN-OS version: 11.0.2 or later
PAN-OS Version: 10.2.5 and later
PAN-OS version: 10.1.14-h11 and later

CVE-2025-0117

GlobalProtect App Windows version: 6.3.3 or later
GlobalProtect App Windows version: 6.2.6 and later

References

[1] CVE-2025-0114 PAN-OS: Denial of Service (DoS) in GlobalProtect
https://security.paloaltonetworks.com/CVE-2025-0114
[2] CVE-2025-0117 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://security.paloaltonetworks.com/CVE-2025-0117

PaloAlto Product Security Update Advisory

Apple Family March 2025 Security Update Advisory

Cisco Family March 2025 First Round Security Update Advisory

Tags:

Apple Family March 2025 Security Update Advisory

Cisco Family March 2025 First Round Security Update Advisory