8.7

CVE-2025-0128

Media report

A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.

Cloud NGFW is not affected by this vulnerability. Prisma® Access software is proactively patched and protected from this issue.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorPalo Alto Networks
Product Cloud NGFW
Default Statusunaffected
Version All
Status unaffected
VendorPalo Alto Networks
Product PAN-OS
Default Statusunaffected
Version < 11.2.3
Version 11.2.0
Status affected
Version < 11.1.5
Version 11.1.0
Status affected
Version < 11.0.6
Version 11.0.0
Status affected
Version < 10.2.10-h17
Version 10.2.0
Status affected
Version < 10.1.14-h11
Version 10.1.0
Status affected
VendorPalo Alto Networks
Product Prisma Access
Default Statusunaffected
Version < 10.2.4-h36
Version 10.2.0
Status affected
Version < 11.2.4-h5
Version 11.2.0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.07% 0.227
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
psirt@paloaltonetworks.com 8.7 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber
CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.