216.73.217.64

CVE-2025-2182

· Published 13/08/2025 17:15 · Modified 13/08/2025 17:33

Labels: CVE-2025-2182 2025-08-13CVE-2025-2182CWE-312[email protected]

Essential information

Published
13/08/2025 17:15
Modified
13/08/2025 17:33
Author
Creator
CVSS
5.6 MEDIUM (v3) 5.6 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key (CAK). This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster. A user who possesses this key can read messages being sent between devices in a NGFW Cluster. There is no impact in non-clustered firewalls or clusters of firewalls that do not enable MACsec.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
palo alto networks / pan-os cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*
palo alto networks / pa-7500 cpe:2.3:h:palo_alto_networks:pa-7500:*:*:*:*:*:*:*:*

References