Unrated severityNVD Advisory· Published Apr 11, 2025· Updated May 2, 2025
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
CVE-2025-0120
Description
A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*range: All
- (no CPE)
- (no CPE)range: All
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/CVE-2025-0120mitrevendor-advisory
News mentions
0No linked articles in our index yet.