SonicWall and Palo Alto Respective OS Added to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog: one in Palo Alto Networks' PAN-OS and another in SonicWall’s SonicOS. The first vulnerability, CVE-2025-0108, affects PAN-OS firewalls, allowing attackers to bypass authentication and potentially exploit the system’s management interface. This flaw has been actively exploited by cybercriminals since it was disclosed, and security experts urge organizations using PAN-OS to update their systems immediately.

SonicWall and Palo Alto Respective OS Added to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog: one in Palo Alto Networks' PAN-OS and another in SonicWall’s SonicOS. The first vulnerability, CVE-2025-0108, affects PAN-OS firewalls, allowing attackers to bypass authentication and potentially exploit the system’s management interface. This flaw has been actively exploited by cybercriminals since it was disclosed, and security experts urge organizations using PAN-OS to update their systems immediately.

Zero-Day Exploit to Hijack Firewalls Warned of by Fortinet

A serious security flaw has been discovered in FortiOS and FortiProxy, affecting several versions of Fortinet's firewall software. This vulnerability, known as CVE-2024-55591, allows hackers to bypass authentication and gain remote access with super-admin privileges. Attackers are exploiting this flaw to create unauthorized admin accounts, alter firewall settings, and establish hidden connections to company networks through SSL VPNs.