Threat Advisory

Palo Alto Networks Patches High-Severity Vulnerabilities in PAN-OS

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

Palo Alto Networks has released security updates to address two high-severity vulnerabilities in its PAN-OS network security operating system. CVE-2025-0108 is an authentication bypass vulnerability in the management web interface that allows an unauthenticated attacker with network access to bypass authentication and invoke certain PHP scripts. CVE-2025-0110 is a command injection vulnerability in the PAN-OS OpenConfig plugin that enables an authenticated administrator to execute arbitrary commands with elevated privileges. Palo Alto Networks urges users to update their software immediately and restrict management interface access to trusted internal IPs. If the OpenConfig plugin is not in use, it should be disabled or uninstalled.
