CVE-2025-4614: 
PAN-OS vulnerability analysis and mitigation

An information disclosure vulnerability (CVE-2025-4614) was discovered in Palo Alto Networks PAN-OS software, disclosed on October 8, 2025. The vulnerability enables authenticated administrators to view session tokens of users authenticated to the firewall web UI. This affects multiple versions of PAN-OS including versions prior to 11.2.8, 11.1.12, and 10.2.17. Cloud NGFW and Prisma Access are not affected by this vulnerability (Palo Alto).

The vulnerability has been assigned a CVSS 4.0 Base Score of 4.8 (MEDIUM) with the vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber. The vulnerability is classified under CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere). The debug option must be enabled on the URL: https:///php/utils/debug.php for the vulnerability to be exploitable (NVD, Palo Alto).

If exploited, this vulnerability could allow impersonation of users whose session tokens are leaked. However, the security risk is significantly minimized when CLI access is restricted to a limited group of administrators (Palo Alto).

The vulnerability has been patched in PAN-OS versions 11.2.8, 11.1.12, and 10.2.17 or later. Users are advised to upgrade to these fixed versions. There are no known workarounds for this issue (Palo Alto).