Palo Alto Networks on Wednesday revealed seven safety advisories that element as many vulnerabilities in its merchandise, together with the implementation of latest Chrome fixes.
Essentially the most extreme of the resolved flaws is CVE-2025-4232, a high-severity improper neutralization of wildcards bug in GlobalProtect for macOS that results in code injection.
Impacting the log assortment characteristic of the applying, the safety defect could be exploited by authenticated attackers to raise their privileges to root, Palo Alto Networks warns.
The corporate additionally drew consideration to a set of 11 Chrome fixes it carried out in its merchandise alongside a patch for CVE-2025-4233, an inappropriate implementation in cache vulnerability affecting the Prisma Entry Browser.
Patches had been additionally launched for a medium-severity command injection flaw in PAN-OS, tracked as CVE-2025-4231, that permits an attacker authenticated as an administrator to carry out actions as root.
“The attacker will need to have community entry to the administration net interface and efficiently authenticate to take advantage of this difficulty,” the corporate says.
One other PAN-OS command injection bug, CVE-2025-4230, permits an attacker logged into an administrator account with entry to the CLI to bypass system restrictions and execute arbitrary instructions as root.
“The safety threat posed by this difficulty is considerably minimized when CLI entry is restricted to a restricted group of directors,” Palo Alto Networks says.Commercial. Scroll to proceed studying.
The corporate has additionally resolved a PAN-OS defect that might enable customers in a position to intercept packets despatched from the firewall to view unencrypted information being despatched by the SD-WAN interface, and an incorrect privilege task difficulty in Cortex XDR Dealer VM permitting attackers to escalate their privileges to root.
Moreover, the corporate mounted an improper entry management flaw within the Endpoint Visitors Coverage Enforcement characteristic of GlobalProtect for Home windows and macOS, resulting in packets remaining unencrypted and permitting an attacker with bodily entry to the community to inject a rogue machine and intercept the packets.
Palo Alto Networks says it’s not conscious of any of those vulnerabilities being exploited in assaults. Further info could be discovered on the corporate’s safety advisories web page.
Associated: Fortinet, Ivanti Patch Excessive-Severity Vulnerabilities
Associated: Chrome, Firefox Updates Resolve Excessive-Severity Reminiscence Bugs
Associated: Exploited Vulnerability Impacts Over 80,000 Roundcube Servers
Associated: Cisco Patches Crucial ISE Vulnerability With Public PoC
