From Cyber Security News – Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability

News

From Cyber Security News – Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability

shaikh Saqib February 21, 2025

Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenConfig plugin. Tracked as CVE-2025-0110, the flaw allows authenticated administrators to execute arbitrary commands on firewalls via manipulated gNMI requests, escalating privileges to root access. The disclosure follows Palo Alto
The post Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability appeared first on Cyber Security News. Read More

authenticated firewall exploitation command injection exploit CVE-2025-0108 authentication bypass cyber awareness cyber defense cyber protection cybersecurity cybersecurity news cybersecurity vulnerability disclosure data breaches digital privacy firewall exploitation chains firewall security best practices gNMI protocol security risk GreyNoise malicious IP tracking hacking hacking news infosec infosec news network security note online security OpenConfig plugin security Palo Alto firewall hardening Palo Alto firewall patch update Palo Alto Networks CVE-2025-0110 PAN-OS critical infrastructure threats PAN-OS OpenConfig vulnerability privilege escalation to root security perspective security updates Shadowserver exposed firewall risk threat threat hunting for gNMI attacks threat intelligence threat note threatnote UPSTYLE malware persistence zero-trust firewall security

Last updated on February 21, 2025