[Palo Alto Networks Security Advisories] PAN-SA-2025-0017 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
Palo Alto Networks Security Advisories /PAN-SA-2025-0017
PAN-SA-2025-0017 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
Informational
Description
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Prisma SD-WAN ION. While Prisma SD-WAN ION may include the affected OSS package, Prisma SD-WAN ION does not offer any scenarios required for an attacker to successfully exploit these vulnerabilities and is not impacted.
| CVE | Summary |
|---|---|
| CVE-2025-61984 | Prisma SD-WAN ION devices do not allow the ProxyCommand directive required for exploitation, and ssh_config cannot be modified. Therefore, there is no impact. |
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| Prisma SD-WAN ION | None | All |
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of these issues in Prisma SD-WAN ION.
Solution
No software updates are required at this time.
Timeline
Support Our Work
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.
