CVE-2025-20109: 
Linux Debian vulnerability analysis and mitigation

An unauthenticated file deletion vulnerability exists in the Palo Alto Networks PAN-OS management web interface. The vulnerability was disclosed on February 12, 2025, and is tracked as CVE-2025-0109. This vulnerability affects PAN-OS management web interface systems, but does not impact Cloud NGFW or Prisma Access software (NVD).

The vulnerability allows an unauthenticated attacker with network access to the management web interface to delete certain files as the "nobody" user. This includes limited logs and configuration files but does not include system files. The vulnerability has been assigned a CVSS v4.0 Base Score of 6.9 (Medium) with the vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber. The vulnerability is classified as CWE-73: External Control of File Name or Path (NVD).

The vulnerability enables unauthorized deletion of certain files, including limited logs and configuration files, while system files remain protected. This could potentially impact system logging and configuration management capabilities (NVD).

To mitigate this vulnerability, it is strongly recommended to restrict access to the management web interface to only trusted internal IP addresses according to Palo Alto Networks' recommended best practices deployment guidelines. This significantly reduces the risk of exploitation (NVD).