GreyNoise Observes Active Exploitation of PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
ATT&CK techniques detected
T1190Exploit Public-Facing Application
61%
"greynoise observes active exploitation of pan - os authentication bypass vulnerability ( cve - 2025 - 0108 ) update : february 18, 2025 - greynoise now sees 25 malicious ips actively exploiting cve - 2025 - 0108, up from 2 on february 13. - top 3 source countries of attack traffi…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
GreyNoise has observed active exploitation attempts targeting a newly disclosed authentication bypass vulnerability, CVE-2025-0108, affecting Palo Alto Networks PAN-OS. This high-severity flaw allows unauthenticated attackers to execute specific PHP scripts, potentially leading to unauthorized access to vulnerable systems.