Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now sees 25 malicious IPs actively exploiting CVE-2025-0108, up from 2 on February 13,” the threat intelligence company shared on Tuesday. “This high-severity flaw allows unauthenticated attackers to execute specific PHP scripts, potentially leading to unauthorized access to vulnerable systems.” CVE-2025-0108 + CVE-2024-9474 and/or CVE-2025-0111 Palo Alto Networks has updated the … More
The post Attackers are chaining flaws to breach Palo Alto Networks firewalls appeared first on Help Net Security.
