CVE-2025-0108

Arctic Wolf reports on CVE-2025-0108, an authentication bypass in PAN-OS management web interfaces with public proof-of-concept exploits and observed exploitation attempts; attackers have been chaining it with CVE-2024-9474 to gain administrative control of affected firewalls. The advisory lists affected and fixed PAN-OS versions, recommends immediate patching and restricting management interface access, and notes Cloud NGFW and Prisma Access are unaffected.