topic CVE-2025-0133 threat 510003 and 510004 detection testing ? in GlobalProtect Discussions https://live.paloaltonetworks.com/t5/globalprotect-discussions/cve-2025-0133-threat-510003-and-510004-detection-testing/m-p/1234141#M6910 <P>PAN state that as workaround/mitigation - block attacks for this vulnerability by enabling Threat ID 510003 and 510004 ( content v 8995 and that&nbsp; "it is crucial to ensure that Vulnerability Protection profiles are explicitly applied to the security rules that process traffic <STRONG>FROM</STRONG> GlobalProtect interfaces." I wonder if anyone has managed to validate this threat detection/blocking on a test GP portal ? Of course, it may be that 1. having the SSL-VPN disabled and 2. setting the portal login page set to "none" means this vulnerability is just not exposed. However the Sec Advisory does not state these as workarounds. If sufficient these would appear to be a more straightforward intervention than creating rules to apply vulnerability profiles from the GP portal. However having already gone the extra mile, any advise on testing these threats would be gratefully received.</P> Wed, 16 Jul 2025 16:08:48 GMT LeeFrancis2 2025-07-16T16:08:48Z CVE-2025-0133 threat 510003 and 510004 detection testing ? https://live.paloaltonetworks.com/t5/globalprotect-discussions/cve-2025-0133-threat-510003-and-510004-detection-testing/m-p/1234141#M6910 <P>PAN state that as workaround/mitigation - block attacks for this vulnerability by enabling Threat ID 510003 and 510004 ( content v 8995 and that&nbsp; "it is crucial to ensure that Vulnerability Protection profiles are explicitly applied to the security rules that process traffic <STRONG>FROM</STRONG> GlobalProtect interfaces." I wonder if anyone has managed to validate this threat detection/blocking on a test GP portal ? Of course, it may be that 1. having the SSL-VPN disabled and 2. setting the portal login page set to "none" means this vulnerability is just not exposed. However the Sec Advisory does not state these as workarounds. If sufficient these would appear to be a more straightforward intervention than creating rules to apply vulnerability profiles from the GP portal. However having already gone the extra mile, any advise on testing these threats would be gratefully received.</P> Wed, 16 Jul 2025 16:08:48 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/cve-2025-0133-threat-510003-and-510004-detection-testing/m-p/1234141#M6910 LeeFrancis2 2025-07-16T16:08:48Z