A patched vulnerability in Palo Alto Networks PAN-OS software is being actively exploited by attackers. When chained with two older vulnerabilities, it allows attackers to gain root access to affected systems. Palo Alto Networks urges users to immediately upgrade their PAN-OS operating systems to the latest patches.
A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems., a 6.9-rated privilege escalation vulnerability in Palo Alto Networks PAN-OS software that allowed an OS administrator with access to the management web interface to perform actions on the firewall with root privileges. The company patched it in November 2024., and rated it a highest urgency patch as the 8.
The vendor’s not explained how the three flaws are chained but we understand doing so allows an attacker to gain more powerful privileges and gain full root access to the firewall.edited and fact-checked this story, the text of CVE-2025-0108 advisory changed to add mention of CVE-2025-0111! "Palo Alto Networks has confirmed reports of active exploitation targeting a CVSS 6.9 vulnerability in the PAN-OS web management interface. This vulnerability, chained with other vulnerabilities like CVE-2024-9474, could allow unauthorized access to unpatched and unsecured firewalls," the biz confirmed to"We are urging all customers with internet-facing PAN-OS management interfaces to immediately apply the security updates released on February 12, 2025.
Palo Alto Networks PAN-OS Vulnerability Exploit Root Access Security Patch
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Palo Alto Firewalls Unexpectedly Reboot, Patch AvailableAdministrators of Palo Alto Networks' firewalls have reported unexpected reboots, potentially caused by specific network traffic. A patch has been released for affected users, with a general availability update expected by February 20th. The issue highlights the importance of timely updates and security vigilance for critical network infrastructure.
Read more »
How to use the new social networks effectively as a creativeTom May is an award-winning journalist and editor specialising in design, photography and technology. Author of the Amazon 1 bestseller Great TED Talks: Creativity, published by Pavilion Books, Tom was previously editor of Professional Photography magazine, associate editor at Creative Bloq, and deputy editor at net magazine.
Read more »
Multiple phone networks go down across UK including EE, Vodafone and ThreeEE and Three customers in London and Manchester have reported issues accessing the internet and receiving signals to their phones today.
Read more »
Social Media Crackdown Targets People Smuggling NetworksThe National Crime Agency (NCA) has intensified its efforts to combat people smuggling by removing over 8,000 social media accounts promoting dangerous small boat crossings to the UK in 2024. This reflects a 40% increase compared to the previous year and highlights the agency's commitment to disrupting these criminal networks.
Read more »
International travel and health care networks drive Candida auris outbreaksIn just a decade, the drug-resistant fungal pathogen Candida auris (C. auris) has emerged as one of the most formidable threats to health care settings worldwide.
Read more »
Tech Billionaires Invest Heavily in London Spirit and Welsh FireA consortium of tech billionaires led by Nikesh Arora, CEO of Palo Alto Networks, has purchased a 49% stake in London Spirit for £145 million, valuing the franchise at £300 million. Meanwhile, Major League Cricket (MLC) franchise Washington Freedom, backed by Indian-American entrepreneur Sanjay Govil, acquired a stake in Welsh Fire for around £80 million. These deals are part of a broader strategy by the England and Wales Cricket Board (ECB) to attract investment and boost the popularity of The Hundred.
Read more »