CVE-2025-2180

An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud. This issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415.

CVSS

No CVSS.

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2025-2180

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de deserialización insegura en Palo Alto Networks Checkov by Prisma® Cloud permite que un usuario autenticado ejecute código arbitrario como usuario no administrativo escaneando un archivo malicioso de Terraform al usar Checkov en Prisma® Cloud. Este problema afecta a versiones de Checkov 3.0 anteriores a la 3.2.415.

13 Aug 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-13 17:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-2180

Mitre link : CVE-2025-2180

CVE.ORG link : CVE-2025-2180

JSON object : View

Products Affected

No product.

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2025-2180", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 4.8, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-13T17:15:25.973", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-2180", "source": "psirt@paloaltonetworks.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma\u00ae Cloud.\n\nThis issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415."}, {"lang": "es", "value": "Una vulnerabilidad de deserializaci\u00f3n insegura en Palo Alto Networks Checkov by Prisma\u00ae Cloud permite que un usuario autenticado ejecute c\u00f3digo arbitrario como usuario no administrativo escaneando un archivo malicioso de Terraform al usar Checkov en Prisma\u00ae Cloud. Este problema afecta a versiones de Checkov 3.0 anteriores a la 3.2.415."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "psirt@paloaltonetworks.com"}