Unrated severityNVD Advisory· Published Apr 11, 2025· Updated Apr 11, 2025

PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface

CVE-2025-0124

Description

An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include system files.

The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

This issue affects Cloud NGFW. However, this issue does not affect Prisma® Access software.

Affected products

Paloaltonetworks/Pan Osv52 versions
cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*range: 11.2.0
- (no CPE)
Paloaltonetworks/Cloud NGFWllm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: All
Paloaltonetworks/Prisma Access Agentcpe-rescue
Range: All

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.paloaltonetworks.com/CVE-2025-0124mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000