Palo Alto Networks Resolves Critical Privilege Escalation Flaws and Integrates Latest Chrome Patches
Palo Alto Networks addresses multiple vulnerabilities, including significant privilege escalation flaws, and integrates the latest Chrome security updates across its product suite.
TL;DR
Palo Alto Networks recently fixed several critical vulnerabilities, including multiple privilege escalation flaws. The company also integrated the latest Chrome security patches into its products. The most severe issue, CVE-2025-4232, allows non-administrative users to escalate privileges to root on macOS. Other notable vulnerabilities include command injection flaws in PAN-OS and unencrypted SD-WAN data exposure.
Main Content
Palo Alto Networks has addressed multiple vulnerabilities and integrated the latest Chrome security patches into its product lineup. The updates include fixes for seven privilege escalation flaws and the application of 11 Chrome security fixes, enhancing the overall security posture of their solutions.
Key Vulnerabilities Addressed
CVE-2025-4232: Authenticated Code Injection on macOS
The most severe vulnerability, tracked as CVE-2025-4232 with a CVSS score of 7.1, is an authenticated code injection flaw affecting the GlobalProtect app on macOS. This flaw allows non-administrative users to escalate their privileges to root.
“An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect app on macOS allows a non-administrative user to escalate their privileges to root.” [1]
CVE-2025-4231: PAN-OS Command Injection Flaw
Palo Alto Networks also addressed a command injection vulnerability in PAN-OS, tracked as CVE-2025-4231 with a CVSS score of 6.1. This flaw allows authenticated admins to execute actions as root through the Management Web Interface.
“The command injection flaw in Palo Alto Networks PAN-OS allows authenticated admins with web interface access to execute actions as root.” [2]
CVE-2025-4230: Command Injection via CLI
Another significant issue, CVE-2025-4230 with a CVSS score of 5.7, involves a command injection vulnerability through the PAN-OS Command Line Interface (CLI). This flaw enables authenticated administrators to bypass system restrictions and run arbitrary commands as a root user.
“A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user.” [3]
CVE-2025-4228: Unencrypted SD-WAN Data Exposure
Palo Alto Networks fixed a PAN-OS flaw, tracked as CVE-2025-4228 with a CVSS score of 1.0, which exposed unencrypted SD-WAN data. Additionally, the company addressed a Cortex XDR Broker VM bug that allowed attackers to escalate privileges to root.
Integration of Chrome Security Patches
Palo Alto Networks applied 11 Chrome fixes, including a patch for CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser. This proactive integration ensures that users are protected against the latest browser-based threats.
Conclusion
Palo Alto Networks’ recent updates demonstrate their commitment to maintaining robust security measures. By addressing these critical vulnerabilities and integrating the latest Chrome patches, the company ensures that its users are protected against evolving cyber threats. There are no known attacks exploiting these vulnerabilities in the wild.
References
1. Palo Alto Networks (2025). “CVE-2025-4232”. Security Advisory. Retrieved 2025-06-15.
2. Palo Alto Networks (2025). “CVE-2025-4231”. Security Advisory. Retrieved 2025-06-15.
3. Palo Alto Networks (2025). “CVE-2025-4230”. Security Advisory. Retrieved 2025-06-15.