Detecting Or Hunting For CVE-2025-0108

Hello Folks,

I am looking for a ways to detect the attempt for this vulnerability through SIEM. Based on the blogs available the vulnerability can be exploited by accessing URL with "unauth" on management interface. So I am thinking to look for web

IPSec tunnel over IPSec tunnel not working

Has anyone ever done tunnel-over-tunnel on the PaloAlto (to Cisco/etc.)? I have been having problems getting traffic to return to a remote site. I normally have multiple IPSec tunnels to remote sites (carrying specific isolated VLAN/networks) over a

Add backup GlobalProtect portal to GlobalProtect client

On our PA-1410 under Network - GlobalProtect - Portals - each of our portals (one on each interface for each ISP) - Agent - Agent Config - External Gateway I added gp2.domain.com to go along with gp.domain.com. 

I was thinking (hoping) that would upd

VPN tunnel flapping after the 11.1.4-h7 upgrade

We have upgraded our FW to 11.1.4-h7. After the upgrade the IPSEC tunnels were working fine. But from the past 2 days we are observing that tunnels are flapping and one of the tunnel is down due to phase-1 negotiation failure due to timeout.

Does a

PAN-OS 10.2 preferred release Vs. vulnerabilities

Hello everyone,

  maybe this is a silly question, but as far as I can see the current PAN-OS 10.2 preferred release dates back in november and does not include fixes for recently discovered vulnerabilities (CVE-2025-0108, for example). I usually pu

GlobalProtect requires token twice - Possible RSA inconvenience

Hi Community. I have an issue on GP: it makes requests for token twice to get through VPN to my network.

I discovered the RSAs feature "Next Token Code Mode", but believe PA (5050 - PAN-OS 7.1.10) has nothing to do when a NTC is requested, so I recom

Lab license for Palo Alto

How hard is it to get a lab license from a Vendor such as CDW.   Last week I  went to their website and purchased 'PAN-PA-410-USG-BND-LAB'.  

Today I looked and saw it as canceled.  Still trying to find out why it was canceled.   The cost of $104 w

Upgrade path question

We have a second Palo Alto that we want to upgrade and then use as a High Availability device to work with our current operational firewall. It had been used before, but is currently offline.  I was following the upgrade path from 9.0.13 to 10.2.13-h

transfering license without a CSP account

Hello,
I hope someone can help me.
I tried to find myself the answer but looks like I'm getting a chicken-and-egg problem.
To accelerate the learning curve, I've bought a PA-440 on ebay.
To transfer the device, I need a CSP account but since I don't have

Antivirus mismatch without license

We have a cluster of firewalls with an antivirus mismatch alert.

The thing is that there is no antivirus license.This issue happpened after one of the nodes went down and we had to perform a factory reset.

We are seeing this by cli:

av-version: 0

av-