Unrated severityNVD Advisory· Published Oct 9, 2024· Updated Oct 18, 2024
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
CVE-2024-9473
Description
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*range: 5.1
- (no CPE)
Patches
Vulnerability mechanics
References
2- sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect/mitrethird-party-advisoryexploit
- security.paloaltonetworks.com/CVE-2024-9473mitrevendor-advisory
News mentions
0No linked articles in our index yet.