Palo Alto Networks Family June 2025 Security Update Advisory

Overview

Palo Alto Networks (https://www.paloaltonetworks.com/) has released security updates that fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.

Affected Products

Prisma Access Browser version 136.24.1.93 and earlier

GlobalProtect App 6.3.3 on macOS and earlier

GlobalProtect App 6.2.8-h2 on macOS and earlier

GlobalProtect App 6.1 on macOS all versions

GlobalProtect App 6.0 on macOS all versions

PAN-OS 11.0.3 and earlier

PAN-OS 10.2.8 and earlier

PAN-OS 10.1 all versions

PAN-OS 11.2.6 and earlier

PAN-OS 11.1.10 and earlier

PAN-OS 10.2.14 and earlier

PAN-OS 10.1.14-h15 and earlier

Resolved Vulnerabilities

Multiple security vulnerabilities in Prisma Access Browser (PAN-SA-2025-0011, CVSS 8.6) [1]

Vulnerability in GlobalProtect App that allows non-administrator users to escalate privileges to root (CVE-2025-4232, CVSS 7.1) [2]

Vulnerability in PAN-OS that allows an authenticated administrator to perform actions with root user privileges (CVE-2025-4231, CVSS 6.1) [3]

Vulnerability in PAN-OS that allows an authenticated administrator to bypass system restrictions and execute arbitrary commands with root user privileges (CVE-2025-4230, CVSS 5.7) [4]

Vulnerability Patches

The June 11, 2025 update provides the following product-specific vulnerability patches:

Prisma Access Browser 137.16.2.69 and later versions

GlobalProtect App 6.3.3 on macOS and later versions

GlobalProtect App 6.2.8-h2 on macOS [ETA June 2025] and later versions

PAN-OS 11.0.3 and later versions

PAN-OS 10.2.8 and later versions

PAN-OS 11.2.6 and later

PAN-OS 11.1.10 and later

PAN-OS 10.2.14 and later

PAN-OS 10.1.14-h15 and later

Referenced Sites

[1] Chromium and Prisma Access Browser: Monthly Vulnerability Update (June 2025)

https://security.paloaltonetworks.com/PAN-SA-2025-0011

[2] GlobalProtect: Authenticated Code Injection Through Wildcard on macOS

https://security.paloaltonetworks.com/CVE-2025-4232

[3] PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface

https://security.paloaltonetworks.com/CVE-2025-4231

[4] PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI

https://security.paloaltonetworks.com/CVE-2025-4230