What is the severity of CVE-2025-0122?

CVE-2025-0122 has been classified as a denial-of-service vulnerability.

How do I fix CVE-2025-0122?

To mitigate CVE-2025-0122, upgrade Prisma SD-WAN to versions 6.5.1, 6.4.2, 6.3.4, or 6.1.10.

Who is affected by CVE-2025-0122?

CVE-2025-0122 affects Palo Alto Networks Prisma SD-WAN ION devices.

What could an attacker do using CVE-2025-0122?

An attacker could disrupt the packet processing capabilities of affected devices by sending crafted packets.

Is authentication required to exploit CVE-2025-0122?

No, CVE-2025-0122 can be exploited by an unauthenticated attacker.

Vulnerability/
CVE-2025-0122

high

7.1

CWE

770

9/4/2025

CVE-2025-0122: Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets (Severity: MEDIUM)

First published: Wed Apr 09 2025(Updated: )

A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device.

Affected Software	Affected Version	How to fix
Prisma SD-WAN
Palo Alto Networks Prisma SD-WAN ION	<6.5.1=6.5.0<6.4.2=6.4.0<6.3.4=6.3.0=6.2.0<6.1.10=6.1.0	6.5.1 6.4.2 6.3.4 6.1.10

Remedy

There are no known workarounds for this issue.

Remedy

Version Suggested Solution Prisma SD-WAN 6.5 Upgrade to Prisma SD-WAN 6.5.1 or later Prisma SD-WAN 6.4 Upgrade to Prisma SD-WAN 6.4.2 or later Prisma SD-WAN 6.3 Upgrade to Prisma SD-WAN 6.3.4 or later Prisma SD-WAN 6.2 Upgrade to Prisma SD-WAN 6.3.4 or later Prisma SD-WAN 6.1 Upgrade to Prisma SD-WAN 6.1.10 or later

Never miss a vulnerability like this again

Reference Links

https://security.paloaltonetworks.com/CVE-2025-0122

Frequently Asked Questions

What is the severity of CVE-2025-0122?
CVE-2025-0122 has been classified as a denial-of-service vulnerability.
How do I fix CVE-2025-0122?
To mitigate CVE-2025-0122, upgrade Prisma SD-WAN to versions 6.5.1, 6.4.2, 6.3.4, or 6.1.10.
Who is affected by CVE-2025-0122?
CVE-2025-0122 affects Palo Alto Networks Prisma SD-WAN ION devices.
What could an attacker do using CVE-2025-0122?
An attacker could disrupt the packet processing capabilities of affected devices by sending crafted packets.
Is authentication required to exploit CVE-2025-0122?
No, CVE-2025-0122 can be exploited by an unauthenticated attacker.

collector/paloaltonetworks-latest
source/Palo Alto Networks
agent/last-modified-date
agent/references
agent/title
agent/source
agent/type
agent/first-publish-date
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/remedy
agent/weakness
agent/severity
agent/tags
agent/description
collector/paloaltonetworks-api
agent/event
vendor/prisma
canonical/prisma sd-wan
vendor/palo alto networks
canonical/palo alto networks prisma sd-wan ion
version/palo alto networks prisma sd-wan ion/6.5.0
version/palo alto networks prisma sd-wan ion/6.4.0
version/palo alto networks prisma sd-wan ion/6.3.0
version/palo alto networks prisma sd-wan ion/6.2.0
version/palo alto networks prisma sd-wan ion/6.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.