8 matches found
CVE-2025-0117
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and...
PT-2024-5980 · Palo Alto Networks · Palo Alto Networks Globalprotect
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect App affected versions not specified Description: A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated...
CVE-2024-2432
A privilege escalation PE vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition...
CVE-2023-0009
A local privilege escalation PE vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges...
CVE-2022-0021
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions...
CVE-2022-0017
An improper link resolution before file access 'link following' vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This iss...
The vulnerability of the GlobalProtect for Windows and GlobalProtect for MacOS software lies in the ability to disclose information through event log files, allowing attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the GlobalProtect for Windows and GlobalProtect for MacOS software lies in the exploitation of information disclosure through event log files. Exploiting this vulnerability allows attackers to compromise the confidentiality and integrity of the protected information...
The vulnerability of the GlobalProtect for Windows security software suite arises from insufficient checks on the status of shared resources. This allows attackers to execute programs with SYSTEM privileges.
The vulnerability of the GlobalProtect for Windows endpoint protection software exists due to insufficient testing of the state of the shared resources. Exploiting this vulnerability allows an attacker to execute programs with SYSTEM privileges...