#VU107413 Protection Mechanism Failure in Prisma Access Browser - CVE-2025-0129


Vulnerability identifier: #VU107413

Vulnerability risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-0129

CWE-ID: CWE-693

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Prisma Access Browser
Client/Desktop applications / Web browsers

Vendor: Palo Alto Networks, Inc.

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass implemented security browser restrictions.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Prisma Access Browser: before 132.83.3017.1

External links
https://security.paloaltonetworks.com/PAN-SA-2025-0008

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Prisma Access Browser
Multiple vulnerabilities in Prisma Access Browser