
[CIVN-2025-0308] Denial of Service (DoS) vulnerability in Palo Alto PAN-OS
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: MEDIUM
Systems Affected
PAN-OS 11.2
  < 11.2.2-h2
  < 11.2.3-h6
  < 11.2.4-h4
  < 11.2.5
PAN-OS 11.1
  >= 11.1.2-h9
  < 11.1.2-h18
  >= 11.1.3-h2
  >= 11.1.4-h4
  < 11.1.4-h13
  < 11.1.6-h1
  < 11.1.7
PAN-OS 10.2
  >= 10.2.4-h25
  >= 10.2.7-h11
  < 10.2.7-h24
  >= 10.2.8-h10
  < 10.2.8-h21
  >= 10.2.9-h6
  < 10.2.9-h21
  >= 10.2.10-h2
  < 10.2.10-h14
  < 10.2.11-h12
  < 10.2.12-h6
  < 10.2.13-h3
  < 10.2.14
PAN-OS 10.1
Prisma Access
  >= 10.2.4-h25 on PAN-OS
  < 10.2.10-h14 on PAN-OS
  < 11.2.4-h4 on PAN-OS
Overview
A vulnerability has been reported in Palo Alto Networks PAN-OS that allows a remote attacker to trigger a firewall reboot by sending a crafted dataplane packet and to push the appliance into maintenance mode, causing a denial-of-service condition.
Target Audience:
Large enterprises, Managed Security Service Providers, Telecoms and ISPs, Cloud Providers and Industries with complex or highly regulated IT environments.
Risk Assessment:
Critical risks to confidentiality, integrity, and availability of the systems.
Impact Assessment:
Compromise of integrity and confidentiality.
Description
A vulnerability exists in Palo Alto Networks PAN-OS that allows an attacker to reboot a firewall by sending a specially crafted packet through the dataplane.
Successful exploitation of this vulnerability could allow a remote attacker to force a firewall reboot, and repeated attempts can cause the firewall to enter maintenance mode, leading to a denial of service.
Solution
Apply appropriate security updates as mentioned in:
https://security.paloaltonetworks.com/CVE-2025-4619
Vendor Information
Palo Alto Networks
https://security.paloaltonetworks.com/CVE-2025-4619
References
Palo Alto Networks
https://security.paloaltonetworks.com/CVE-2025-4619
CVE Name
CVE-2025-4619
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


