Palo Alto Networks Product Security Update Advisory


Overview

 

We have released security updates to fix vulnerabilities in Palo Alto Networks products. Users of affected products are advised to update to the latest version.

Affected Products

 

CVE-2025-0120

GlobalProtect App 6.3 on Windows versions: 6.3.3 and earlier
GlobalProtect App 6.2 on Windows versions: 6.2.7-h3 and earlier
GlobalProtect App 6.2 on Windows versions: 6.2.8 and earlier
GlobalProtect App 6.1 on Windows versions: All versions
GlobalProtect App 6.0 on Windows versions: All versions

CVE-2025-0126, CVE-2025-0127, CVE-2025-0128

PAN-OS 11.2 versions: 11.2.3 and earlier
PAN-OS 11.1 versions: 11.1.5 and earlier
PAN-OS 11.0 versions: 11.0.6 and earlier
PAN-OS 10.2 versions: 10.2.4-h25 and earlier
PAN-OS 10.2 versions: 10.2.9-h13 and earlier
PAN-OS 10.2 versions: 10.2.10-h6 and earlier
PAN-OS 10.2 versions: 10.2.11 and earlier
PAN-OS 10.1 versions: 10.1.14-h11 and earlier
Prisma Access versions: 10.2.4-h36 on PAN-OS and earlier
Prisma Access versions: 10.2.10-h16 on PAN-OS and earlier
Prisma Access versions: 11.2.4-h5 on PAN-OS and earlier

CVE-2025-0129

Prisma Access Browser versions: 132.83.3017.1 and earlier

Resolved Vulnerabilities

 

Privilege escalation vulnerability that could allow an authenticated user to escalate their privileges (CVE-2025-0120)
Login session fixation vulnerability (CVE-2025-0126)
Command injection vulnerability that could allow an authenticated user to bypass system restrictions and run arbitrary commands with root user privileges (CVE-2025-0127)
Denial-of-service vulnerability (CVE-2025-0128)
Improper control behavior vulnerability (CVE-2025-0129)

Vulnerability Patches

Patches for these vulnerabilities are available in the latest updates. Follow the instructions on the referenced sites to update to the latest patched version.

CVE-2025-0120

GlobalProtect App 6.3 on Windows versions: 6.3.3 and later
GlobalProtect App 6.2 on Windows versions: 6.2.7-h3 and later
GlobalProtect App 6.2 on Windows versions: 6.2.8 and later
GlobalProtect App 6.1 on Windows versions: 6.2.8 and later, or 6.3.3 and later
GlobalProtect App 6.0 on Windows versions: 6.2.8 and later, or 6.3.3 and later

CVE-2025-0126, CVE-2025-0127, CVE-2025-0128

PAN-OS 11.2 versions: 11.2.3 and later
PAN-OS 11.1 versions: 11.1.5 and later
PAN-OS 11.0 versions: 11.0.6 and later
PAN-OS 10.2 versions: 10.2.4-h25 and later
PAN-OS 10.2 versions: 10.2.9-h13 and later
PAN-OS 10.2 versions: 10.2.10-h6 and later
PAN-OS 10.2 versions: 10.2.11 and later
PAN-OS 10.1 versions: 10.1.14-h11 and later
Prisma Access versions: 10.2.4-h36 on PAN-OS and later
Prisma Access versions: 10.2.10-h16 on PAN-OS and later
Prisma Access versions: 11.2.4-h5 on PAN-OS and later

CVE-2025-0129

Prisma Access Browser versions: 132.83.3017.1 and later

References

[1] CVE-2025-0120 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://security.paloaltonetworks.com/CVE-2025-0120
[2] CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login
https://security.paloaltonetworks.com/CVE-2025-0126
[3] CVE-2025-0127 PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series
https://security.paloaltonetworks.com/CVE-2025-0127
[4] CVE-2025-0128 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
https://security.paloaltonetworks.com/CVE-2025-0128
[5] PAN-SA-2025-0008 Chromium and Prisma Access Browser: Monthly Vulnerability Update (April 2025)
https://security.paloaltonetworks.com/PAN-SA-2025-0008