CVE-2025-0114

A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.

This issue does not apply to Cloud NGFWs or Prisma Access software.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
palo_altoCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
VendorProductVersion
paloaltonetworkspan-os
10.1.0 ≤
𝑥
< 10.1.14
paloaltonetworkspan-os
10.2.0 ≤
𝑥
< 10.2.5
paloaltonetworkspan-os
11.0.0 ≤
𝑥
< 11.0.2
paloaltonetworkspan-os
10.1.14:h1
paloaltonetworkspan-os
10.1.14:h10
paloaltonetworkspan-os
10.1.14:h2
paloaltonetworkspan-os
10.1.14:h3
paloaltonetworkspan-os
10.1.14:h4
paloaltonetworkspan-os
10.1.14:h5
paloaltonetworkspan-os
10.1.14:h6
paloaltonetworkspan-os
10.1.14:h7
paloaltonetworkspan-os
10.1.14:h8
paloaltonetworkspan-os
10.1.14:h9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.paloaltonetworks.com/CVE-2025-0114