The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday incorporated two security vulnerabilities affecting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN into its Known Exploited Vulnerabilities (KEV) catalog, following indications of ongoing exploitation.
The vulnerabilities are detailed below –

CVE-2025-0108 (CVSS score: 7.8) – A vulnerability allowing authentication bypass in the Palo Alto Networks PAN-OS.