Security Advisories February 2025 #2

Palo Alto Networks has published CRITICAL SECURITY ADVISORIES FOR THE FOLLOWING PRODUCTS:

• CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
• CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin
• CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
• CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
• PAN-SA-2025-0004 Chromium: Monthly Vulnerability Update (February 2025)
• PAN-SA-2025-0005 GlobalProtect Clientless VPN: Clientless VPN Misconfiguration Allows Cross-Site Attacks

For details and updates please visit the corresponding PALO ALTO NETWORKS SECURITY ADVISORY or contact us via support@nts.eu.