Palo Alto PAN-OS LLDP DoS Reboot via Unauth Adjacent Attacker
CVE-2025-0116 Published on March 12, 2025
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame
A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition cause the firewall to enter maintenance mode.
This issue does not apply to Cloud NGFWs or Prisma Access software.
Timeline
Updated the required configuration and workarounds sections
Updated the product status table to match the solution table
Initial Publication
Updated the required configuration and workarounds sections 5 days later.
Weakness Type
Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day-to-day operation of the software.
Products Associated with CVE-2025-0116
Affected Versions
Palo Alto Networks PAN-OS:
- Versions 11.2.0 and later, below 11.2.5, are affected.
- Versions 11.1.0 and later, below 11.1.8, are affected.
- Versions 10.2.0 and later, below 10.2.14, are affected.
- Versions 10.1.0 and later, below 10.1.14-h11, are affected.
- Version All is unaffected.
- Version All is unaffected.
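The ranges above can be checked against a firewall inventory with a short script. The following is an added example, not code from the advisory or from Palo Alto Networks; it assumes PAN-OS version strings of the form major.minor.maintenance with an optional -hN hotfix suffix that sorts after the base release, and the hostnames and inventory are constructed.

```python
import re

# Affected ranges as listed on this page: (first affected, first fixed).
AFFECTED_RANGES = [
    ("11.2.0", "11.2.5"),
    ("11.1.0", "11.1.8"),
    ("10.2.0", "10.2.14"),
    ("10.1.0", "10.1.14-h11"),
]

# Assumed format: major.minor.maintenance with an optional -hN hotfix suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Turn '10.1.14-h11' into (10, 1, 14, 11); no suffix means hotfix 0."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    return tuple(int(part or 0) for part in m.groups())


def is_affected(version):
    """True when first_affected <= version < first_fixed for a listed range."""
    v = parse_version(version)
    return any(parse_version(lo) <= v < parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def triage(inventory):
    """Map each host to 'affected', 'not listed as affected' or 'unparsed'."""
    result = {}
    for host, version in inventory.items():
        try:
            affected = is_affected(version)
        except ValueError:
            result[host] = "unparsed"  # needs a manual look, never assume safe
            continue
        result[host] = "affected" if affected else "not listed as affected"
    return result


if __name__ == "__main__":
    # Constructed inventory (hypothetical hostnames and versions).
    sample = {"fw-edge-01": "10.1.14-h10", "fw-edge-02": "10.1.14-h11",
              "fw-core-01": "11.2.4-h3", "fw-lab-01": "11.1.8"}
    for host, status in triage(sample).items():
        print(f"{host:12} {sample[host]:12} {status}")
```

A release outside the four listed trains is reported as "not listed as affected" because this page gives no status for it.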
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.