CVE-2025-4228 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
palo_alto	CNA	---				---
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-266 - Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Vulnerability Media Exposure

[GERMAN] PaloAlto Networks Cortex XSOAR: Schwachstelle ermöglicht Privilegieneskalation
Ein lokaler Angreifer kann eine Schwachstelle in PaloAlto Networks Cortex XSOAR ausnutzen, um seine Privilegien zu erhöhen.
Published: 2025-06-11T22:00:00+00:00
[GERMAN] Palo Alto stopft hochriskante Lücken in PAN-OS und GlobalProtect
Palo Alto Networks verteilt aktualisierte Software – sie stopft teils hochriskante Sicherheitslecks in PAN-OS und GlobalProtect.
Published: 2025-06-12T13:16:00+00:00

References

https://security.paloaltonetworks.com/CVE-2025-4228