CVE-2025-0129 | THREATINT

Description

An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. This enables the user to use Prisma Access Browser without any restrictions.

PUBLISHED Reserved 2024-12-20 | Published 2025-04-11 | Updated 2025-06-13 | Assigner palo_alto

CRITICAL: 9.3CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/AU:N/R:U/V:D/RE:L/U:Amber

Problem types

CWE-754 Improper Check for Unusual or Exceptional Conditions

Product status

Default status

unaffected

1 (custom) before 132.83.3017.1

affected

Timeline

2025-04-09:

Initial publication

Credits

Palo Alto Networks thanks Tan Inn Fung, Yu Ann Ong, Zhang Bosen from the GovTech Cybersecurity Group for discovering and reporting this issue. finder

References

security.paloaltonetworks.com/PAN-SA-2025-0008 vendor-advisory

cve.org (CVE-2025-0129)

nvd.nist.gov (CVE-2025-0129)

Download JSON