June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Chinese Cybercrime Group Conducts Large-Scale SMS Phishing Operation – Active IOCs
April 14, 2025
Multiple IBM Products Vulnerabilities
April 15, 2025
Chinese Cybercrime Group Conducts Large-Scale SMS Phishing Operation – Active IOCs
April 14, 2025
Multiple IBM Products Vulnerabilities
April 15, 2025
Severity
High
Analysis Summary
CVE-2025-0129 CVSS:9.4
Prisma Access Browser: Inappropriate control behavior in Prisma Access Browser
CVE-2025-0119 CVSS:6.3
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2025-0129
CVE-2025-0119
Affected Vendors
Palo Alto
Affected Products
- Palo Alto Networks Prisma Access Browser 132.83.3017.1
- Palo Alto Networks Cortex XDR Broker VM 26.100.3
Remediation
Refer to Palo Alto Networks Security Advisory for patch, upgrade, or suggested workaround information.
