Remove Authentication Remove Firewall Remove Information Security
article thumbnail

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Security Affairs

Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, inPalo Alto Networks PAN-OS firewalls. Researchers warn that threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. reads the advisory published by Palo Alto Networks.

Firewall 101
article thumbnail

SonicWall warns of an exploitable SonicOS vulnerability

Security Affairs

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” All customers are encouraged to upgrade their firewalls to the latest MR listed below.” hardware firewalls: SonicOS 6.5.5.1-6n 6n or newer Gen 6 / 6.5

Firewall 114
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 116
article thumbnail

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Security Affairs

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 105
article thumbnail

Palo Alto Networks fixed a high-severity PAN-OS flaw

Security Affairs

An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet through its data plane. Repeated exploitation forces the firewall into maintenance mode. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.” ” reads the advisory.

DNS 112
article thumbnail

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Palo Alto Networks Expedition is a tool designed to help users transition to and optimize Palo Alto Networks’ next-generation firewalls. The vulnerability is a privilege escalation issue in the Android Framework component. Versions up to 2.3.6

Firewall 125
article thumbnail

Sophos Firewall affected by a critical authentication bypass flaw

Security Affairs

Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. MR3 (18.5.3) and earlier. MR3 (18.5.3)

Firewall 100