{"id":1946,"date":"2025-02-14T19:34:14","date_gmt":"2025-02-14T19:34:14","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=1946"},"modified":"2025-02-14T19:34:14","modified_gmt":"2025-02-14T19:34:14","slug":"palo-alto-networks-firewall-bug-being-exploited-by-threat-actors-report","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=1946","title":{"rendered":"Palo Alto Networks firewall bug being exploited by threat actors: Report"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Admins with firewalls from Palo Alto Networks should make sure the devices are fully patched and the management interface blocked from open internet access after the discovery this week of a zero-day login authentication bypass in the PAN-OS operating system.<\/p>\n<p>The discovery of the vulnerability (CVE-2025-0108) was made by researchers at Assetnote and, according to researchers at Greynoise, is already being exploited.<\/p>\n<p>For its part, <a href=\"https:\/\/security.paloaltonetworks.com\/CVE-2025-0108\">Palo Alto Networks (PAN) said<\/a> administrators can \u201cgreatly reduce the risk\u201d of exploitation by restricting access to the management web interface to only trusted internal IP addresses, according to its recommended\u00a0<a href=\"https:\/\/live.paloaltonetworks.com\/t5\/community-blogs\/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo\/ba-p\/464431\">best practices deployment guidelines<\/a>. \u201cThis will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses,\u201d the company said.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Admins with firewalls from Palo Alto Networks should make sure the devices are fully patched and the management interface blocked from open internet access after the discovery this week of a zero-day login authentication bypass in the PAN-OS operating system. The discovery of the vulnerability (CVE-2025-0108) was made by researchers at Assetnote and, according to [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":1947,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1946","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1946"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1946"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1946\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/1947"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1946"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1946"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1946"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}