Palo Alto Networks has disclosed a command injection vulnerability in its PAN-OS operating system that enables authenticated administrative users to escalate privileges and perform actions as the root user.
The vulnerability, designated CVE-2025-4231, was published on June 11, 2025, and carries a medium severity rating with a CVSS score of 6.1.
https://security.paloaltonetworks.com/CVE-2025-4231