CVE-2025-74892

Runtime vulnerability - Palo Alto Networks

High CVSS Score: 8.8 Published: 2026-03-09

Description

A command injection vulnerability in Palo Alto Networks Runtime allows attackers to bypass authentication. This affects versions through 11.21.2.

Affected Systems

Vendor Palo Alto Networks
Product Runtime
Affected Versions < 10.91
CWE ID CWE-79

Mitigation

As a workaround, disable the affected feature until a patch is available.

Fix Instructions

1. Update Runtime to the latest version
2. Apply vendor patch when available
3. Implement network segmentation
4. Monitor for exploitation attempts

References

Risk Assessment

CVSS: 8.8/10

Exploit Available Yes
Patch Available Yes

Need Help Patching?

Our security team can help assess and remediate this vulnerability in your environment.

Get Help

Related Vulnerabilities

critical

CVE-2024-60114

Container Runtime...
medium

CVE-2024-55578

Runtime...
high

CVE-2025-49326

Runtime...
high

CVE-2025-19732

Container Runtime...
high

CVE-2024-39126

Container Runtime...
medium

CVE-2025-83847

Container Runtime...

Stay Ahead of Threats

Subscribe to our vulnerability feed and get instant alerts when new CVEs affect your systems.

Start Monitoring