Core Insights
- Palo Alto Networks has reported that hackers are exploiting a newly disclosed vulnerability in its PAN-OS firewall software, allowing unauthorized access to customer networks [1][2]
- The vulnerability, tracked as CVE-2025-0108, was discovered by cybersecurity firm Assetnote and is currently under active attack [2][5]
- Attackers are chaining this new vulnerability with two previously disclosed flaws, CVE-2024-9474 and CVE-2025-0111, to target unpatched PAN-OS web management interfaces [3]

Vulnerability Details
- The vulnerability CVE-2025-0108 allows unauthenticated attackers to execute specific PHP scripts, potentially leading to unauthorized access to vulnerable systems [4]
- The complexity of the attack is considered low, and the scale of exploitation is increasing, with 25 IP addresses observed actively exploiting the vulnerability, up from two on February 13 [3][4]

Geographic Impact
- The highest levels of attack traffic have been observed in the U.S., Germany, and the Netherlands, indicating a widespread threat [4]

Government Response
- The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the latest Palo Alto vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, highlighting the seriousness of the threat [5]
Palo Alto Networks warns of another firewall vulnerability under attack by hackers