CVE-2025-0114

Summary

A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.

This issue does not apply to Cloud NGFWs or Prisma Access software.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPAN-OS11.2.0unaffected
Palo Alto NetworksPAN-OS11.1.0unaffected
Palo Alto NetworksPAN-OS11.0.0 < 11.0.2affected
Palo Alto NetworksPAN-OS10.2.0 < 10.2.5affected
Palo Alto NetworksPAN-OS10.1.0 < 10.1.14-h11affected
Palo Alto NetworksCloud NGFWAllunaffected
Palo Alto NetworksPrisma AccessAllunaffected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

Workarounds

No workaround or mitigation is available.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References