It has been confirmed that a Palo Alto Networks patched firewall vulnerability is being actively exploited. CVE-2025-0108 is an authentication bypass flaw which allows unauthenticated attacks to access a device’s management interface. Threat intelligence firm GreyNoise has detected malicious activity where threat actors are trying to exploit the vulnerability. Palo Alto Networks has stated that the flaw can be chained with other vulnerabilities to gain access to unpatched and unsecured firewalls. 

Read more: https://www.securityweek.com/palo-alto-networks-confirms-exploitation-of-firewall-vulnerability/