VYPR
Unrated severityNVD Advisory· Published Apr 11, 2025· Updated May 2, 2025

GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

CVE-2025-0120

Description

A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Paloaltonetworks/Globalprotectcpe-rescue3 versions
    cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*range: All
    • (no CPE)
    • (no CPE)range: All

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.