Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions.————————————————————————————————————–Palo Alto Networks fixed seven privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products.Palo Alto applied 11 Chrome fixes and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser.The most severe vulnerability, tracked as CVE-2025-4232 (CVSS score of 7.1), is an [authenticated code injection through wildcard on macOS](https://security.paloaltonetworks.com/CVE-2025-4232).*’An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect:tm: app on macOS allows a non administrative user to escalate their privileges to root.’ reads the [advisory](https://security.paloaltonetworks.com/CVE-2025-4232).*The company also addressed a PAN-OS Authenticated Admin Command Injection Vulnerability, tracked as [CVE-2025-4231](https://security.paloaltonetworks.com/CVE-2025-4231) (CVSS score of 6.1), in the Management Web Interface.The command injection flaw in Palo Alto Networks PAN-OS allows authenticated admins with web interface access to execute actions as root. The company states that Cloud NGFW and Prisma Access are unaffected.Another issue fixed by the company is [PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI](https://security.paloaltonetworks.com/CVE-2025-4230) that is tracked as CVE-2025-4230 (CVSS score of 5.7).*’A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.’ reads the [advisory](https://security.paloaltonetworks.com/). ‘Cloud NGFW and Prisma® Access are not affected by this vulnerability.’*The firm also fixed a PAN-OS flaw, tracked as CVE-2025-4228 (CVSS score 1.0) exposing unencrypted SD-WAN data and a Cortex XDR Broker VM bug that let attackers escalate privileges to root.The security vendor is not aware of attacks in the wild exploiting any of these vulnerabilities.Follow me on Twitter: [@securityaffairs](https://twitter.com/securityaffairs) and [Facebook](https://www.facebook.com/sec.affairs) and [Mastodon](https://infosec.exchange/@securityaffairs)[Pierluigi Paganini](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)([SecurityAffairs](http://securityaffairs.co/wordpress/) — hacking, [PAN-OS](https://securityaffairs.com/tag/palo-alto-networks-pan-os))
Related Tags:
CVE-2025-4232
CVE-2025-4228
CVE-2025-4230
CVE-2025-4233
NAICS: 56 – Administrative And Support And Waste Management And Remediation Services
NAICS: 54 – Professional
Scientific
Technical Services
NAICS: 561 – Administrative And Support Services
NAICS: 541 – Professional
Scientific
Technical Services
NAICS: 518 – Computing Infrastructure Providers
Data Processing
Web Hosting
Related Services
Associated Indicators: