Hackers exploit authentication bypass in Palo Alto Networks PAN-OS www.bleepingcomputer.com/news/secu…

Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication.

The security issue received a high-severity score and impacts the PAN-OS management web interface and allows an unauthenticated attacker on the network to bypass authentication and invoke certain PHP scripts, potentially compromising integrity and confidentiality.

The vulnerability was discovered and reported to Palo Alto Networks by security researchers at Assetnote. They also published a write-up with complete exploitation details when the patch was released.