CVE-2025-0113 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-0113 PUBLISHED CVSS 5.300000190734863 MEDIUM

A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to the Cortex XDR server.

EPSS 0.21% · 43.5th percentile

Risk Scores

CVSS v4.0

5.300000190734863

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber

EPSS Score

0.21%

43.5th percentile

Affected Products

Vendor	Product	Versions
Palo Alto Networks	Cortex XDR Broker VM	1.0.0

Timeline

Dec 20, 2024 CVE ID Reserved
Feb 12, 2025 PoC Published
Feb 12, 2025 PoC Published
Feb 12, 2025 PoC Published
Feb 12, 2025 CVE Published
Feb 12, 2025 PoC Published
Feb 13, 2025 EPSS Score
Feb 13, 2025 PoC Published
Feb 19, 2025 PoC Published
Feb 27, 2025 EPSS Score
Mar 1, 2025 Coalition ESS Score
Mar 13, 2025 EPSS Score

References

https://security.paloaltonetworks.com/CVE-2024-1135 advisory
https://security.paloaltonetworks.com/CVE-2025-0109 advisory
https://security.paloaltonetworks.com/CVE-2025-0110 advisory
https://security.paloaltonetworks.com/CVE-2025-0108 advisory
https://security.paloaltonetworks.com/CVE-2025-0113 advisory
https://security.paloaltonetworks.com/PAN-SA-2025-0004 advisory
https://security.paloaltonetworks.com/CVE-2025-0112 advisory
https://security.paloaltonetworks.com/CVE-2025-0111 advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-0113 advisory
https://security.paloaltonetworks.com/CVE-2024-0113 url

Open in Interactive Console →