CVE-2025-0114
Published: 12 March 2025
Description
Adversaries may target the different network services provided by systems to conduct a denial of service (DoS).
Security Summary
CVE-2025-0114 is a Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software. It enables an unauthenticated attacker to render the GlobalProtect portal and gateway services unavailable by sending a large number of specially crafted packets over a period of time. This issue does not affect Cloud NGFWs or Prisma Access software. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is linked to CWE-400 (Uncontrolled Resource Consumption).
An unauthenticated attacker with network access can exploit this vulnerability due to its low attack complexity, lack of required privileges, and absence of user interaction. Exploitation involves flooding the service with specially crafted packets, resulting in a denial of service that disrupts availability of the GlobalProtect portal and gateway without affecting confidentiality or integrity.
Mitigation details are available in the official Palo Alto Networks security advisory at https://security.paloaltonetworks.com/CVE-2025-0114.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability directly enables a Service Exhaustion Flood (T1499.002) by allowing an unauthenticated network attacker to send large volumes of specially crafted packets that exhaust resources and render GlobalProtect portal/gateway services unavailable.