
CVE-2025-0136: CWE-319 Cleartext Transmission of Sensitive Information in Palo Alto Networks Cloud NGFW

Severity: Medium
Tags: Vulnerability, CVE-2025-0136, CWE-319
Published: Wed May 14 2025 (05/14/2025, 18:12:14 UTC)
Source: CVE
Vendor/Project: Palo Alto Networks
Product: Cloud NGFW

Description

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Cloud NGFWs, Prisma® Access instances, or PAN-OS VM-Series firewalls. NOTE: The AES-128-CCM encryption algorithm is not recommended for use.

AI-Powered Analysis

Last updated: 07/06/2025, 13:39:45 UTC

Technical Analysis

CVE-2025-0136 is a medium-severity vulnerability affecting certain Palo Alto Networks PAN-OS hardware firewalls, specifically the PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series. When the AES-128-CCM encryption algorithm is selected for IPSec on these models, data that should be protected by the tunnel is instead transmitted in cleartext to the devices connected through it, so an attacker positioned on the network path could intercept and read communications that the operator believes are encrypted. The description does not attribute this to a cryptanalytic weakness of AES-128-CCM itself; it states that selecting the algorithm on these models results in unencrypted data transfer, and separately notes that the algorithm is not recommended for use. Cloud NGFW, Prisma Access instances, and PAN-OS VM-Series firewalls are not affected, so the issue is limited to the listed physical models and their IPSec implementation; note that although the record's Product field reads "Cloud NGFW", the description explicitly excludes it. The vulnerability carries a CVSS 4.0 base score of 5.3 (medium): network attack vector, low attack complexity, no privileges or user interaction required, partial impact on confidentiality and integrity, and no impact on availability. No exploits in the wild are known at this time, and no patches have been linked to the record yet. The CWE classification is CWE-319, cleartext transmission of sensitive information.

Potential Impact

For European organizations, this vulnerability poses a risk to the confidentiality and integrity of data transmitted over IPSec tunnels through affected Palo Alto Networks firewalls. Organizations relying on these specific firewall models for secure VPN or site-to-site IPSec connections could have sensitive data exposed to interception by malicious actors on the network path. This could lead to data breaches involving personal data, intellectual property, or confidential business communications, potentially violating GDPR and other data protection regulations. The impact is particularly critical for sectors handling sensitive or regulated data, such as finance, healthcare, government, and critical infrastructure. While availability is not affected, the exposure of sensitive information could facilitate further attacks, including lateral movement or targeted espionage. The lack of required user interaction and low complexity of exploitation increases the risk, especially in environments where these firewall models are deployed without additional compensating controls. However, the absence of known exploits in the wild and the medium severity rating suggest that immediate widespread exploitation is unlikely but should not be discounted.

Mitigation Recommendations

European organizations using the affected Palo Alto Networks firewall models should take the following specific actions:

1) Immediately review and audit IPSec crypto profile configurations to identify any use of AES-128-CCM.
2) Replace AES-128-CCM with stronger, recommended algorithms such as AES-GCM, or AES-CBC combined with an appropriate integrity algorithm, following Palo Alto Networks' best practices.
3) Monitor network traffic for signs of unencrypted sensitive data leaving IPSec tunnels.
4) Implement network segmentation and additional encryption layers (e.g., application-layer encryption) so that a tunnel failure does not by itself expose plaintext.
5) Track Palo Alto Networks advisories for patches or firmware updates addressing this vulnerability and apply them promptly once available.
6) Conduct penetration testing and vulnerability assessments focused on IPSec tunnels to verify that no cleartext data leaks remain.
7) Enhance logging and alerting on firewall IPSec traffic anomalies to detect potential exploitation attempts early.

These steps focus on cryptographic algorithm replacement, configuration audits, and layered defense tailored to the nature of this vulnerability.
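As an added example for the configuration audit in step 1 (not code from the advisory or from Palo Alto Networks), the script below scans a constructed PAN-OS "set"-format config export, reports every IPSec crypto profile whose ESP encryption list contains AES-128-CCM, and maps each flagged profile to the tunnels that reference it. The command paths are my assumption of the PAN-OS CLI layout and should be checked against a real export; as a generalisation beyond the advisory, the ESP "null" encryption option is flagged too, since it likewise sends tunnel payloads unencrypted.

```python
import re
from collections import defaultdict

# Constructed sample of a PAN-OS "set"-format config export (not taken from a
# real device). Command paths follow the PAN-OS CLI layout as assumed here.
SAMPLE_CONFIG = """\
set network ike crypto-profiles ipsec-crypto-profiles site-a-ccm esp encryption [ aes-128-ccm ]
set network ike crypto-profiles ipsec-crypto-profiles site-b-gcm esp encryption [ aes-256-gcm ]
set network ike crypto-profiles ipsec-crypto-profiles site-c-mixed esp encryption [ aes-256-cbc aes-128-ccm ]
set network tunnel ipsec tun-a auto-key ipsec-crypto-profile site-a-ccm
set network tunnel ipsec tun-b auto-key ipsec-crypto-profile site-b-gcm
set network tunnel ipsec tun-c auto-key ipsec-crypto-profile site-c-mixed
set network tunnel ipsec tun-d auto-key ipsec-crypto-profile site-b-gcm
"""

# aes-128-ccm is the subject of CVE-2025-0136; "null" is added as a
# generalisation because it also carries ESP payloads without encryption.
FLAGGED = {"aes-128-ccm", "null"}

# Matches "... esp encryption [ alg1 alg2 ]" as well as a single unbracketed value.
PROFILE_RE = re.compile(
    r"^set network ike crypto-profiles ipsec-crypto-profiles (\S+) esp encryption \[?\s*([^\]]+?)\s*\]?$")
TUNNEL_RE = re.compile(
    r"^set network tunnel ipsec (\S+) auto-key ipsec-crypto-profile (\S+)$")

def audit_ipsec_profiles(config_text):
    """Return {profile: {"algs": [flagged algs], "tunnels": [tunnel names]}}
    for every IPSec crypto profile whose ESP encryption list is flagged."""
    profile_algs = {}
    profile_tunnels = defaultdict(list)
    for line in config_text.splitlines():
        m = PROFILE_RE.match(line.strip())
        if m:
            profile_algs[m.group(1)] = m.group(2).split()
            continue
        m = TUNNEL_RE.match(line.strip())
        if m:
            profile_tunnels[m.group(2)].append(m.group(1))
    findings = {}
    for profile, algs in profile_algs.items():
        bad = [a for a in algs if a in FLAGGED]
        if bad:
            findings[profile] = {"algs": bad, "tunnels": profile_tunnels.get(profile, [])}
    return findings

if __name__ == "__main__":
    for profile, info in audit_ipsec_profiles(SAMPLE_CONFIG).items():
        print(f"{profile}: flagged {info['algs']}, used by tunnels {info['tunnels'] or ['(none)']}")
```

A profile that lists AES-128-CCM alongside other ciphers (site-c-mixed above) is still reported, because the peer may negotiate the weak option during IKE.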


Technical Details

Data Version: 5.1
Assigner Short Name: palo_alto
Date Reserved: 2024-12-20T23:24:32.158Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682cd0fb1484d88663aec882

Added to database: 5/20/2025, 6:59:07 PM

Last enriched: 7/6/2025, 1:39:45 PM

Last updated: 8/13/2025, 7:50:53 PM
