Palo Alto Networks has released patches to fix several security vulnerabilities in its Expedition migration tool, including a high-severity SQL injection bug (CVE-2025-0103) that allows authenticated attackers to access sensitive data, such as usernames, passwords, and device configurations. Other flaws include reflected XSS (CVE-2025-0104), arbitrary file deletion (CVE-2025-0105), wildcard expansion (CVE-2025-0106), and OS command injection (CVE-2025-0107). These vulnerabilities, which affect versions of Expedition prior to 1.2.100 and 1.2.101, have been addressed, but the tool reached its end-of-life in December 2024. Users are advised to restrict network access or shut down the service if not in use.

‍